Posts

Public key pinning vs Certificate Pinning in mobile apps

When the Leaf cert has expired but is corresponding to the valid “pinned” public key SHA, the chain of certificates is checked to see if they are valid …