Google has announced plans to deprecate Chrome support for HTTP public key pinning (HPKP), an IETF standard that Google engineers wrote to improve web security but now consider harmful. HPKP, as described in IETF 7469, was designed to reduce the risk of a compromised Certificate Authority misissuing digital certificates for a site, allowing an attacker to perform a man-in-the-middle attack on encrypted Transport Layer Security (TLS) connections.

Read full news article on ZDNet