The attached patches, in addition to hex encoded public key PINs accept and switch by default to the RFC7469 key PIN. Using that PIN will make more pinning uniform in the Internet, and will simplify future tools and understanding of key pinning (the serverhash option is a key pinning option). The patch set is also available at: https://gitlab.com/ocserv/openconnect/merge_requests/7 regards, Nikos -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Store-only-the-SHA1-and-SHA256-of-the-public-key-int.patch Type: text/x-patch Size: 7524 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20170305/a6b79479/attachment.bin> -------------- next part -------------- A non-text attachment was scrubbed... Name: 0002-Added-support-for-RFC7469-key-PIN.patch Type: text/x-patch Size: 4202 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20170305/a6b79479/attachment-0001.bin> -------------- next part -------------- A non-text attachment was scrubbed... Name: 0003-Switched-the-default-output-for-key-PIN-to-be-the-RF.patch Type: text/x-patch Size: 1005 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20170305/a6b79479/attachment-0002.bin>
