You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
DNS over TLS allows a PIN (and a backup) to be specified for the server. The PIN is the hash of the certificate's SPKI. This check is not implemented because the current open DOT servers do NOT publish nor recommend use of SPKI pins with their servers.
Implementation is a bit hard because C# provides no mechanism to retrieve the SPKI of an X.509 certificate. Will need Bouncy Castle.
The text was updated successfully, but these errors were encountered:
DNS over TLS allows a PIN (and a backup) to be specified for the server. The PIN is the hash of the certificate's SPKI. This check is not implemented because the current open DOT servers do NOT publish nor recommend use of SPKI pins with their servers.
Implementation is a bit hard because C# provides no mechanism to retrieve the SPKI of an X.509 certificate. Will need
Bouncy Castle.The text was updated successfully, but these errors were encountered: