• oldfart@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 days ago

    Yeah, now imagine pinning certs that change weekly.

    My first thought is that old school secure software (like claws-mail) treats a cert change as a minor security incident, asking you to confirm every time. Completely different school of thought.

    • jagged_circle@feddit.nl
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      6 days ago

      You can pin to your own CA. Then it doesn’t matter if you want to update your certs frequently.