Beta Blog Post Clarification

33 views
Skip to first unread message

PhistucK

unread,
Sep 3, 2015, 9:49:18 AM9/3/15
to Alex Komoroske, security-dev
The beta blog post mentions this -
"Hosts can now specify valid certificates for authentication during a session using HTTP Public Key Pinning, making man-in-the-middle attacks more difficult."
Is this a new feature? Any change you meant the new Report-Only mode?

And just a nit -
"The CSS intrinsic sizing attribute, which allows boxes to fit their contents, is no longer prefixed."
s/attribute, which allows/values, which allow/
s/is/are/ :)

Thank you!

PhistucK

Emily Stark (Dunn)

unread,
Sep 3, 2015, 9:57:13 AM9/3/15
to PhistucK, Dru Knox, Alex Komoroske, security-dev
On Thu, Sep 3, 2015 at 6:48 AM, PhistucK <phis...@gmail.com> wrote:
The beta blog post mentions this -
"Hosts can now specify valid certificates for authentication during a session using HTTP Public Key Pinning, making man-in-the-middle attacks more difficult."
Is this a new feature? Any change you meant the new Report-Only mode?

I'm pretty sure this is indeed supposed to be HPKP reporting + Report-Only mode. https://www.chromestatus.com/features/4669935557017600

Dru Knox

unread,
Sep 3, 2015, 5:05:09 PM9/3/15
to Emily Stark (Dunn), PhistucK, coco...@google.com, Alex Komoroske, security-dev
+Katie O'Connor

These seem like good updates to make. Katie, what format should I send updates to you in to make your life easier? Should I just update the doc?
--
-Dru

Katie O'Connor

unread,
Sep 3, 2015, 6:39:56 PM9/3/15
to Dru Knox, Alex Komoroske, PhistucK, security-dev, Emily Stark (Dunn)

Hey Dru! Can you just send me the updated sentence and I can paste it in.

Katie

Dru Knox

unread,
Sep 3, 2015, 7:51:57 PM9/3/15
to Katie O'Connor, Alex Komoroske, PhistucK, security-dev, Emily Stark (Dunn)
Awesome, I'll send a set of updates in a separate thread. Thanks!
--
-Dru
Reply all
Reply to author
Forward
0 new messages