Stephane Bortzmeyer stephane at sources.org
Thu Apr 29 19:15:47 BST 2021
- - - - - - - - - - - - - - - - - - -
On Wed, Apr 28, 2021 at 05:47:29PM +0000, nervuri <nervuri at disroot.org> wrote a message of 81 lines which said:
Probably the big issue with this idea is that client developers may
not want to bundle, for instance, Let's Encrypt cert fingerprints,
as they change every 2-3 months.
Note that it is a reason to use only the public key for TOFU, not theentire cert, since this public key can be static.