Re: [fetch] Request for support for certificate pinning (#98)

A web app is using distributed services and wants to protect the user against MITM attacks. Considering that fraudulent certificates have been issued before it's not enough to rely on the browser's or the OS's root certificates to validate the certificate chain.

This is the actual requirement that we have for our app (which does federated authentication). My first use case is what we have implemented at this point.

---
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/98#issuecomment-128403720

Received on Thursday, 6 August 2015 14:59:21 UTC