Friday 29 August 2014

What is Public Key Pinning (PKP), coming in Firefox 32

Public Key Pinning (PKP) is an extension of the HTTP protocol that is overseen by the Internet Engineering Task Force (IETF).

It allows web services to reduce the number of authorities that can validate a website by instructing clients to use only a specific subset of authorities, rather than accept a certificate from any authority that ships with the browser.

The technique is designed to reduce the likelihood of man-in-the-middle (MITM) attacks under certain conditions and to protect against fraudulent certificates.

The security feature works only from the second visit to a site and not on the first, because the website's information about its certificate authorities is delivered to the client on the first visit. This is called trust on first use (TOFU).

This means that the technique cannot help if, when you visit a website, you have already received a fake certificate from scammers, or if a man-in-the-middle attack is under way at that time.
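The trust-on-first-use behaviour described above, as an added Python example that is not code from the original post or from Firefox. `PinStore`, `visit`, the host `example.test` and the key bytes are constructed for illustration; the pin format (base64 of the SHA-256 of the public key info) and the `max_age` lifetime are assumptions taken from the HPKP specification (RFC 7469), not from this page.

```python
import base64
import hashlib

def spki_pin(spki_der: bytes) -> str:
    """Pin = base64(SHA-256(DER SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()

class PinStore:
    """Client-side trust-on-first-use store: host -> (pins, expiry)."""
    def __init__(self):
        self._pins = {}

    def check(self, host, chain_spkis, now):
        """True if some key in the validated chain matches a stored pin."""
        entry = self._pins.get(host)
        if entry is None or entry[1] <= now:
            self._pins.pop(host, None)
            return True  # first use (or expired): nothing to enforce yet
        return any(spki_pin(s) in entry[0] for s in chain_spkis)

    def note(self, host, advertised, max_age, chain_spkis, now):
        """Remember advertised pins only if one matches the current chain."""
        if {spki_pin(s) for s in chain_spkis} & set(advertised):
            self._pins[host] = (set(advertised), now + max_age)

def visit(store, host, chain_spkis, advertised, now, max_age=3600):
    """One page load: enforce known pins first, then learn what was sent."""
    if not store.check(host, chain_spkis, now):
        return "rejected"
    store.note(host, advertised, max_age, chain_spkis, now)
    return "accepted"

# Constructed stand-ins for DER public-key bytes (not real keys).
SITE_CA, BACKUP_CA, ROGUE_CA = b"spki-site", b"spki-backup", b"spki-rogue"
SITE_PINS = [spki_pin(SITE_CA), spki_pin(BACKUP_CA)]
ROGUE_PINS = [spki_pin(ROGUE_CA)]

def demo():
    store = PinStore()
    first = visit(store, "example.test", [SITE_CA], SITE_PINS, now=0)
    forged = visit(store, "example.test", [ROGUE_CA], ROGUE_PINS, now=10)
    backup = visit(store, "example.test", [BACKUP_CA], SITE_PINS, now=20)
    # TOFU limit: an intercepted first visit pins the rogue key instead.
    fresh = PinStore()
    poisoned = visit(fresh, "example.test", [ROGUE_CA], ROGUE_PINS, now=0)
    genuine = visit(fresh, "example.test", [SITE_CA], SITE_PINS, now=5)
    return first, forged, backup, poisoned, genuine

if __name__ == "__main__":
    print(demo())
```

The last two results show the limitation: the fresh client accepts the intercepted first visit and then rejects the genuine site until the stored pin expires.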

With the new version, Firefox 32, Mozilla's browser will support Public Key Pinning. Firefox 32 is already available as a beta, and the final version will be released on September 2, 2014 (maybe sooner for iGuRu.gr readers).

The new Firefox will display a lock icon to indicate when a website is secure and will reject websites it deems unsafe. In the latter case, i.e. if a secure connection fails, the browser will display an error.

It should be mentioned that this new Firefox feature is not so new for Google Chrome, which already has it.

Pinning (Public Key Pinning) is enabled by default in Firefox 32 and subsequent versions of the browser.
