Open jumde opened 4 years ago
Certificate Pinning reduces the impact of MITM attacks. We should PIN certificates for .brave.com and .bravesoftware.com domains to ensure the responses from these domains can be trusted.
Certificate Pinning is already implemented: https://github.com/brave/brave-ios/blob/f8b4d52df2cea77ac624a8621def3825f89511dd/BraveShared/CertificatePinning.swift - Just needs to be enabled.
Does this block the super referrer work or can be implemented later/separately?
@iccub not blocking
Description:
Certificate Pinning reduces the impact of MITM attacks. We should PIN certificates for .brave.com and .bravesoftware.com domains to ensure the responses from these domains can be trusted.
Certificate Pinning is already implemented: https://github.com/brave/brave-ios/blob/f8b4d52df2cea77ac624a8621def3825f89511dd/BraveShared/CertificatePinning.swift - Just needs to be enabled.