Certificate Pinning Done Right

Standard certificate pinning pins to the SHA-256 hash of a certificate's public key (SPKI) — a cryptographic artifact that changes whenever a key rotates, regardless of whether the organizational identity has changed. This produces two failures of the security it was meant to provide: a silent interception path, where an attacker who obtains a legitimate certificate from the same root CA defeats the pin without breaking it; and an operational burden that worsens as certificate lifetimes shrink toward 47 days, forcing app updates on the same cadence.

This paper argues that pinning should target the identity expressed through the certificate chain's naming conventions rather than the key.