Hacker News new | past | comments | ask | show | jobs | submit login

Because that is more effort for much less benefit than TACK.



TACK only helps with clients that have seen a site before, right?


Yes, but that's most sites.

This leaves an attack vector against people doing first-time-ever connections (like fresh installs of new OSes that are grabbing their new security packages), but TACK pins can also be pre-loaded or shared between clients for those circumstances.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: