See my question from yesterday: How does something like Tack fare in a mass cert... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ikawe on April 10, 2014 \| parent \| context \| favorite \| on: TACK: "pinning" certs to a self-chosen signing key... See my question from yesterday: How does something like Tack fare in a mass certificate revocation scenario like Heartbleed: https://news.ycombinator.com/item?id=7554302

xyzzy123 on April 11, 2014 [–]

You handle it in the same way you handle rolling new certificates with TACK. No panic.

You just update your web servers with new TACK signatures corresponding to your new certs.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact