Welcome Stranger to OCC!Login | Register

Firefox 32 Adds Public Key Pinning

Category: Software
Posted: September 3, 2014 02:17PM
Author: gebraset

In an effort to prevent attacks that involve invalid SSL/TSL certificates, Firefox 32 has incorporated Public Key Pinning. According to Sid Stamm, the senior manager of security and privacy engineering at Mozilla, key pinning allows website operators to specify which Certificate Authorities are able to issue valid certificates. Within Firefox 32, a normal lock icon will be displayed if a certificate is able to be matched with a pinned certificate. If the certificate cannot be verified, Firefox will reject the connection with a pinning error. This provides an additional layer of security for Firefox users by preventing connections to illegitimate website, in which a hacker could intercept critical data.

The first stage of pinning roll-out includes protection for Mozilla sites and Twitter, while later Firefox versions will include protection for Google sites, Tor, Dropbox, and others.

Source: Mozilla Security Blog

Register as a member to subscribe comments.

Submit your comment:
Name *:  Members, please LOGIN before posting
Live user
verification *:

Enter the letters you see in the image (without spaces)
Comment *:

* indicates required fields
© 2001-2014 Overclockers Club ® Privacy Policy

Also part of our network: TalkAndroid, Android Forum, iPhone Informer, Neoseeker, and Used Audio Classifieds

Elapsed: 0.0244579315