There was a good discussion on the OWASP-Leaders mailing list [0] a while ago about SSL/TLS certificate pinning in applications.
I thought of summarizing a few key points to consider while opting for certificate pinning:
- You can pin multiple certificates (if one is compromised or about to expire, the app can fall back to another certificate that is already pinned; pin the backup *before* you need it, since you cannot add a pin to an app that can no longer connect)
- You can pin public key(s) instead of certificates (hence *any* certificate the server obtains for the corresponding private key will still work, so routine certificate renewal does not break the app; the pin is typically a SHA-256 hash of the DER-encoded subjectPublicKeyInfo)
- You can pin the public keys of the trust chain/CAs (useful in incidents like Heartbleed where leaf private keys were compromised and had to be replaced under a new key; the trade-off is that the app then accepts any certificate that CA issues for the host)
- Consider the update mechanism while implementing pinning (if you pin a cert/key inside the updater process and that pin fails, the app is locked out of the very update that would fix it)
The developer needs to choose a recipe of one or more of the above points to build an efficient, secure, and scalable design. Whatever the recipe, the pin check is applied on top of normal certificate chain validation, not instead of it.
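As an added worked example (not code from the original post or from the mailing-list thread), here is a standard-library-only Python check that pins public keys (SPKI hashes) rather than certificates and accepts a match anywhere in the chain, which covers the second and third points above. The keys, certificates, hostnames and pin values are constructed placeholders built by the same DER helpers; none of them are real keys or real certificates.

```python
"""SPKI pinning check over DER certificates, standard library only (constructed sample data)."""
import base64
import hashlib

# --- minimal DER encode/decode helpers ---
def _der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + _der_len(len(body)) + body

def seq(*parts: bytes) -> bytes:
    return der(0x30, b"".join(parts))

def _read_tlv(buf: bytes, off: int):
    """Return (tag, value_start, value_end) for the TLV starting at buf[off]."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:                                   # long-form length
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    return tag, off, off + length

def _children(buf: bytes, start: int, end: int):
    """Yield (tag, tlv_start, value_start, value_end) for each element in buf[start:end]."""
    off = start
    while off < end:
        tag, vs, ve = _read_tlv(buf, off)
        yield tag, off, vs, ve
        off = ve

def extract_spki(cert_der: bytes) -> bytes:
    """Return the DER subjectPublicKeyInfo of an X.509 certificate (RFC 5280 layout)."""
    _, tbs_off, _ = _read_tlv(cert_der, 0)              # Certificate ::= SEQUENCE { tbsCertificate, ... }
    _, tbs_vs, tbs_ve = _read_tlv(cert_der, tbs_off)
    fields = list(_children(cert_der, tbs_vs, tbs_ve))
    if fields[0][0] == 0xA0:                             # optional EXPLICIT [0] version
        fields = fields[1:]
    # serialNumber, signature, issuer, validity, subject, subjectPublicKeyInfo
    _, start, _, end = fields[5]
    return cert_der[start:end]

def spki_pin(spki_der: bytes) -> str:
    """Pin format used by HPKP and Android's Network Security Config: base64(SHA-256(DER SPKI))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()

def chain_matches_pins(chain_der, pins) -> bool:
    """True if any certificate in the (already validated) chain carries a pinned key.

    Run this *after* normal chain validation, never instead of it. Matching anywhere
    in the chain is what lets you pin an intermediate/root CA key as well as leaf keys.
    """
    return any(spki_pin(extract_spki(cert)) in pins for cert in chain_der)

# --- constructed sample data (placeholders, not real keys or certificates) ---
_OID_EC_KEY = der(0x06, bytes.fromhex("2A8648CE3D0201"))          # 1.2.840.10045.2.1 ecPublicKey
_OID_P256 = der(0x06, bytes.fromhex("2A8648CE3D030107"))          # 1.2.840.10045.3.1.7 prime256v1
_OID_ECDSA_SHA256 = der(0x06, bytes.fromhex("2A8648CE3D040302"))  # 1.2.840.10045.4.3.2

def fake_spki(seed: bytes) -> bytes:
    """Structurally valid EC SPKI; the 'point' is hash output, not a real curve point."""
    point = b"\x04" + hashlib.sha256(seed + b"x").digest() + hashlib.sha256(seed + b"y").digest()
    return seq(seq(_OID_EC_KEY, _OID_P256), der(0x03, b"\x00" + point))

def fake_cert(serial: int, spki: bytes, subject: bytes, issuer: bytes) -> bytes:
    """Unsigned but structurally valid certificate: the signature field is all zeros."""
    def name(cn: bytes) -> bytes:                        # Name ::= SEQUENCE OF SET OF (CN=...)
        return seq(der(0x31, seq(der(0x06, b"\x55\x04\x03"), der(0x0C, cn))))
    validity = seq(der(0x17, b"240101000000Z"), der(0x17, b"250101000000Z"))
    tbs = seq(der(0xA0, der(0x02, b"\x02")), der(0x02, bytes([serial])),
              seq(_OID_ECDSA_SHA256), name(issuer), validity, name(subject), spki)
    return seq(tbs, seq(_OID_ECDSA_SHA256), der(0x03, b"\x00" * 65))

LEAF_KEY = fake_spki(b"leaf-key-2024")
BACKUP_KEY = fake_spki(b"leaf-key-offline-backup")    # kept offline; pinned now so rotation needs no app update
CA_KEY = fake_spki(b"example-intermediate-ca")
PINS = {spki_pin(LEAF_KEY), spki_pin(BACKUP_KEY)}     # pin set shipped inside the app

def demo() -> dict:
    leaf_v1 = fake_cert(1, LEAF_KEY, b"api.example.com", b"Example CA")
    leaf_v2 = fake_cert(2, LEAF_KEY, b"api.example.com", b"Example CA")          # renewed cert, same key
    leaf_new_key = fake_cert(3, fake_spki(b"unpinned"), b"api.example.com", b"Example CA")
    ca = fake_cert(4, CA_KEY, b"Example CA", b"Example Root")
    return {
        "original_cert": chain_matches_pins([leaf_v1, ca], PINS),                 # True
        "renewed_same_key": chain_matches_pins([leaf_v2, ca], PINS),              # True: key pin survives renewal
        "new_unpinned_key": chain_matches_pins([leaf_new_key, ca], PINS),         # False: this would break the app
        "new_key_with_ca_pin": chain_matches_pins([leaf_new_key, ca], PINS | {spki_pin(CA_KEY)}),  # True
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:22s} -> {'accepted' if ok else 'REJECTED'}")
```

The four cases in `demo()` show the trade-offs from the list: a key pin survives certificate renewal, an unpinned new leaf key is rejected (which is why a backup key is pinned ahead of time), and adding the intermediate CA's key to the pin set accepts that same new key, together with anything else the CA issues for the host.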
Please chime in with your comments and suggestions and I would be happy to update this post.
Reference:
[0]: http://lists.owasp.org/pipermail/owasp-leaders/2015-November/015385.html
1 comment
Thanks for the points.