This HTML5 document contains 51 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

Namespace Prefixes

Prefix	IRI
dct	http://purl.org/dc/terms/
yago-res	http://yago-knowledge.org/resource/
dbo	http://dbpedia.org/ontology/
foaf	http://xmlns.com/foaf/0.1/
n4	http://dbpedia.org/resource/Rfc:
n15	http://dbpedia.org/resource/Template:N/
dbt	http://dbpedia.org/resource/Template:
rdfs	http://www.w3.org/2000/01/rdf-schema#
freebase	http://rdf.freebase.com/ns/
rdf	http://www.w3.org/1999/02/22-rdf-syntax-ns#
n17	http://dbpedia.org/resource/Template:SSL/
owl	http://www.w3.org/2002/07/owl#
n9	http://en.wikipedia.org/wiki/
dbc	http://dbpedia.org/resource/Category:
prov	http://www.w3.org/ns/prov#
dbp	http://dbpedia.org/property/
xsdh	http://www.w3.org/2001/XMLSchema#
gold	http://purl.org/linguistics/gold/
dbr	http://dbpedia.org/resource/

Statements

Subject Item
dbr:HTTP_Public_Key_Pinning
rdf:type
dbo:Organisation
rdfs:label
HTTP Public Key Pinning
rdfs:comment
HTTP Public Key Pinning (HPKP) is an obsolete Internet security mechanism delivered via an HTTP header which allows HTTPS websites to resist impersonation by attackers using misissued or otherwise fraudulent digital certificates. A server uses it to deliver to the client (e.g. web browser) a set of hashes of public keys that must appear in the certificate chain of future connections to the same domain name.
owl:sameAs
freebase:m.012zr74q yago-res:HTTP_Public_Key_Pinning
dbp:wikiPageUsesTemplate
dbt:Reflist dbt:IETF_RFC n15:A dbt:Dunno n17:TLS
dct:subject
dbc:Web_security_exploits dbc:Hypertext_Transfer_Protocol_headers dbc:Transport_Layer_Security
gold:hypernym
dbr:Mechanism
prov:wasDerivedFrom
n9:HTTP_Public_Key_Pinning?oldid=1056993476&ns=0
dbo:wikiPageID
45619411
dbo:wikiPageLength
10909
dbo:wikiPageRevisionID
1056993476
dbo:wikiPageWikiLink
dbr:Mitmproxy dbr:Public_key_certificate n4:7469 dbr:Internet_security dbr:Request_for_Comments dbr:Hypertext_Transfer_Protocol dbr:Root_certificate dbr:Microsoft_Edge dbr:Client_(computing) dbr:Cryptographic_hash_function dbr:Header_(computing) dbr:DNS_Certification_Authority_Authorization dbr:Deep_content_inspection dbc:Transport_Layer_Security dbr:Impersonator dbr:Certificate_Transparency dbr:Certificate_authority dbc:Web_security_exploits dbr:List_of_HTTP_header_fields dbr:Internet_Explorer dbr:Domain_name dbr:Web_browser dbc:Hypertext_Transfer_Protocol_headers dbr:Public-key_cryptography dbr:Same-origin_policy dbr:HTTPS dbr:HTTP_Strict_Transport_Security dbr:HTTP_Public_Key_Pinning dbr:SHA-2 dbr:MDN_Web_Docs dbr:Fiddler_(software)
dbo:abstract
HTTP Public Key Pinning (HPKP) is an obsolete Internet security mechanism delivered via an HTTP header which allows HTTPS websites to resist impersonation by attackers using misissued or otherwise fraudulent digital certificates. A server uses it to deliver to the client (e.g. web browser) a set of hashes of public keys that must appear in the certificate chain of future connections to the same domain name. For example, attackers might compromise a certificate authority, and then mis-issue certificates for a web origin. To combat this risk, the HTTPS web server serves a list of “pinned” public key hashes valid for a given time; on subsequent connections, during that validity time, clients expect the server to use one or more of those public keys in its certificate chain. If it does not, an error message is shown, which cannot be (easily) bypassed by the user. The technique does not pin certificates, but public key hashes. This means that one can use the key pair to get a certificate from any certificate authority, when one has access to the private key. The user can also pin public keys of root or intermediate certificates (created by certificate authorities), restricting the site to certificates issued by that certificate authority. Due to the complexity of the HPKP mechanism and the possibility of accidental misuse, browsers deprecated and removed HPKP support in favor of Certificate Transparency and its Expect-CT header. Certificate Authority Authorization can also be used to restrict which certificate authorities can issue certificates for a particular domain, thus reducing the chance of certificate issuance errors.
foaf:isPrimaryTopicOf
n9:HTTP_Public_Key_Pinning