brave-ios icon indicating copy to clipboard operation
brave-ios copied to clipboard

Published 20 hours ago verified publisher icon brave

Implement certificate pinning for Brave/BraveSoftware domains

Open jumde opened this issue 4 years ago • 2 comments

Description:

Certificate Pinning reduces the impact of MITM attacks. We should PIN certificates for *.brave.com and *.bravesoftware.com domains to ensure the responses from these domains can be trusted.

Certificate Pinning is already implemented: https://github.com/brave/brave-ios/blob/f8b4d52df2cea77ac624a8621def3825f89511dd/BraveShared/CertificatePinning.swift - Just needs to be enabled.

jumde avatar Apr 02 '20 17:04 jumde

Does this block the super referrer work or can be implemented later/separately?

iccub avatar Apr 02 '20 22:04 iccub

@iccub not blocking

diracdeltas avatar Apr 07 '20 20:04 diracdeltas