Chrome has certain google.com certificates (maybe all of them) pinned. {accounts... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		harshreality on May 5, 2012 \| parent \| context \| favorite \| on: The Internet Kill Switch; With Global Wiretapping ... Chrome has certain google.com certificates (maybe all of them) pinned. {accounts, mail, docs}.google.com (at least) have HSTS forced and preloaded in Chrome, but www.google.com does not.

cleverjake on May 6, 2012 [–]

I'd love to see where you found this information. I wasn't able to find it in Chrome's source, but I didn't have the change to do a deep dive.

harshreality on May 9, 2012 | [–]

http://www.imperialviolet.org/2011/05/04/pinning.html

http://blog.chromium.org/2011/06/new-chromium-security-featu...

as well as empirical Chrome behavior.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact