About: HTTP Public Key Pinning

Facets (new session)
Description
Metadata
Settings
- Rule:
- Inverse Functional Properties:
- "Same As":

About: HTTP Public Key Pinning Goto Sponge NotDistinct Permalink

An Entity of Type : dbo:Organisation, within Data Space : el.dbpedia.org associated with source document(s)

HTTP Public Key Pinning (HPKP) is an obsolete Internet security mechanism delivered via an HTTP header which allows HTTPS websites to resist impersonation by attackers using misissued or otherwise fraudulent digital certificates. A server uses it to deliver to the client (e.g. web browser) a set of hashes of public keys that must appear in the certificate chain of future connections to the same domain name.

Attributes	Values
rdf:type	organisation
rdfs:label	HTTP Public Key Pinning (en)
rdfs:comment	HTTP Public Key Pinning (HPKP) is an obsolete Internet security mechanism delivered via an HTTP header which allows HTTPS websites to resist impersonation by attackers using misissued or otherwise fraudulent digital certificates. A server uses it to deliver to the client (e.g. web browser) a set of hashes of public keys that must appear in the certificate chain of future connections to the same domain name. (en)
sameAs	HTTP Public Key Pinning HTTP Public Key Pinning
dbp:wikiPageUsesTemplate	dbt:IETF_RFC dbt:N/A dbt:Reflist dbt:Dunno dbt:SSL/TLS
Subject	Transport Layer Security Web security exploits Hypertext Transfer Protocol headers
gold:hypernym	Mechanism
prov:wasDerivedFrom	http://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning?oldid=1056993476&ns=0
Wikipage page ID	45619411 (xsd:integer)
page length (characters) of wiki page	10909 (xsd:nonNegativeInteger)
Wikipage revision ID	1056993476 (xsd:integer)
Link from a Wikipage to another Wikipage	Root certificate Transport Layer Security Web security exploits Domain name Certificate Transparency Certificate authority Client (computing) Cryptographic hash function DNS Certification Authority Authorization Deep content inspection Hypertext Transfer Protocol List of HTTP header fields Public-key cryptography Public key certificate Same-origin policy Microsoft Edge SHA-2 Hypertext Transfer Protocol headers Impersonator Fiddler (software) HTPS HTTP Public Key Pinning HTTP Strict Transport Security Header (computing) Internet Explorer Internet security Web browser MDN Web Docs Request for Comments dbr:Mitmproxy dbr:Rfc:7469
has abstract	HTTP Public Key Pinning (HPKP) is an obsolete Internet security mechanism delivered via an HTTP header which allows HTTPS websites to resist impersonation by attackers using misissued or otherwise fraudulent digital certificates. A server uses it to deliver to the client (e.g. web browser) a set of hashes of public keys that must appear in the certificate chain of future connections to the same domain name. For example, attackers might compromise a certificate authority, and then mis-issue certificates for a web origin. To combat this risk, the HTTPS web server serves a list of “pinned” public key hashes valid for a given time; on subsequent connections, during that validity time, clients expect the server to use one or more of those public keys in its certificate chain. If it does not, an error message is shown, which cannot be (easily) bypassed by the user. The technique does not pin certificates, but public key hashes. This means that one can use the key pair to get a certificate from any certificate authority, when one has access to the private key. Also the user can pin public keys of root or intermediate certificates (created by certificate authorities), restricting site to certificates issued by the said certificate authority. Due to HPKP mechanism complexity and possibility of accidental misuse, browsers deprecated and removed HPKP support in favor of Certificate Transparency and its Expect-CT header. Certificate Authority Authorization can also be used to restrict which certificate authorities can issue certificates for a particular domain, thus reducing chance of certificate issue errors. (en)
foaf:isPrimaryTopicOf	http://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning
is Wikipage redirect of	Certificate pinning HPKP Public-Key-Pins Public-key pinning Public Key Pinning Public key pinning HTTP PKP HTTP public key pinning
is Link from a Wikipage to another Wikipage of	DigiNotar Certificate pinning Cryptocat Cybersecurity information technology list DNS Certification Authority Authorization List of HTTP header fields Content Security Policy Convergence (SSL) List of RFCs Moxie Marlinspike HPKP HTTP Public Key Pinning HTTP Strict Transport Security Man-in-the-middle attack HTTP PKP HTTP public key pinning
is foaf:primaryTopic of	http://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning

Faceted Search & Find service v1.17_git151 as of Feb 20 2025

Alternative Linked Data Documents: ODE Content Formats:

RDF

ODATA

Microdata

About

OpenLink Virtuoso version 07.20.3240 as of Nov 11 2024, on Linux (x86_64-ubuntu_focal-linux-gnu), Single-Server Edition (82 GB total memory, 2 GB memory in use)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2025 OpenLink Software