packages

History

Tony Ambardar 1170686cba stubby: add SPKI pin set for Cloudflare cert Add an SPKI pin for Cloudflare to help prevent MITM and downgrade attacks, as described in RFC7858 (DNS over TLS). The setup of SPKI and the specific SHA256 certificate hash are taken from Cloudflare's DoT configuration guide published at https://developers.cloudflare.com/1.1.1.1/dns-over-tls/. Note that the certificate is valid to March 25th 2020, 13:00 CET, which provides ample time for issuance of a backup pin to support future key rollover. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>	2018-09-23 21:55:03 -07:00
..
files	stubby: add SPKI pin set for Cloudflare cert	2018-09-23 21:55:03 -07:00
Makefile	stubby: fix config file definition	2018-09-23 21:55:03 -07:00

Tony Ambardar 1170686cba stubby: add SPKI pin set for Cloudflare cert

Add an SPKI pin for Cloudflare to help prevent MITM and downgrade attacks,
as described in RFC7858 (DNS over TLS). The setup of SPKI and the specific
SHA256 certificate hash are taken from Cloudflare's DoT configuration guide
published at https://developers.cloudflare.com/1.1.1.1/dns-over-tls/.

Note that the certificate is valid to March 25th 2020, 13:00 CET, which
provides ample time for issuance of a backup pin to support future key
rollover.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>

2018-09-23 21:55:03 -07:00

files

stubby: add SPKI pin set for Cloudflare cert

2018-09-23 21:55:03 -07:00

Makefile

stubby: fix config file definition

2018-09-23 21:55:03 -07:00