Comment by yjftsjthsd-h
10 days ago
> You get both regular certificate pinning (like what SSH uses now) AND full certificate authority chains (if you want).
It doesn't do full chains, but SSH does have certificate authorities. I agree that the lack of intermediate CAs is a limitation (a CA can only sign a leaf node public key directly), but it's still super useful.
No comments yet
Contribute on Hacker News ↗