Andreas,

Do you know of any large, high traffic sites that are using HSTS today?
Peter

> On Jun 5, 2019, at 12:56 PM, A. Schulze <s...@andreasschulze.de> wrote:
>
> On 05.06.19 at 14:54, Sathish Kumar wrote:
>> Hi Team,
>>
>> We would like to fix the HTTPS pinning vulnerability on our Nginx and Mobile
>> application Android/iOS. If I enable on Nginx, do we need to add the pinning
>> keys on our application and have to rotate the pinning keys every time when
>> the SSL cert is renewed.
>>
>> Please advise.
>
> HPKP is more or less deprecated. I suggest to not use it anymore.
> Use HSTS, try to understand the implication of "includeSubDomains" and
> https://hstspreload.org/
>
> Andreas
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
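The HSTS directives named in the quoted reply, as an added example that is not part of the original thread: a Python checker that parses a `Strict-Transport-Security` value under the RFC 6797 rules and reports what `includeSubDomains` and `preload` imply. The function names and sample header values are constructed for illustration; the one-year threshold is the hstspreload.org submission requirement.

```python
import re

PRELOAD_MIN_AGE = 31536000  # one year in seconds (hstspreload.org requirement)

def parse_hsts(value):
    """Parse an HSTS header value; None means a browser would ignore it."""
    seen = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue  # the grammar allows empty directives
        name, sep, arg = part.partition("=")
        name, arg = name.strip().lower(), arg.strip()
        if len(arg) >= 2 and arg[0] == arg[-1] == '"':
            arg = arg[1:-1]  # a directive value may be a quoted-string
        if name in seen:
            return None  # a directive must not appear twice
        seen[name] = arg if sep else None
    age = seen.get("max-age")
    if age is None or not re.fullmatch(r"[0-9]+", age):
        return None  # max-age is required and must be a non-negative integer
    return {"max_age": int(age),
            "include_subdomains": "includesubdomains" in seen,
            "preload": "preload" in seen}

def assess(value):
    """Return (policy, findings); policy is None for an invalid header."""
    policy = parse_hsts(value)
    if policy is None:
        return None, ["invalid header: ignored by browsers"]
    findings = []
    if policy["max_age"] == 0:
        findings.append("max-age=0 tells the browser to forget the host")
    if policy["include_subdomains"]:
        findings.append("every subdomain must serve valid HTTPS")
    else:
        findings.append("only the sending host is covered")
    if policy["preload"]:
        ok = policy["include_subdomains"] and policy["max_age"] >= PRELOAD_MIN_AGE
        findings.append("meets preload header requirements" if ok
                        else "preload set but header requirements not met")
    return policy, findings

# Constructed sample header values, not taken from any real site.
SAMPLES = ["max-age=31536000; includeSubDomains; preload",
           "max-age=63072000; preload", "max-age=600; max-age=900"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", assess(sample)[1])
```
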