-
Yawning Angel authored
HPKP is effectively dead as far as a standard goes, but the idea has merit in certain use cases, this being one of them. As a TLS MITM essentially will strip whatever obfuscation that the transport may provide, the digests of the SubjectPublicKeyInfo fields of the Tor Browser Azure meek host are now hardcoded. The behavior can be disabled by passing `disableHPKP=true` on the bridge line, for cases where comaptibility is prefered over security.
c65aaf64