Certificate Pinning is powerful, but you probably shouldn't use it
Let's be clear about Certificate Pinning. It IS extremely useful. It IS valid, if you follow 1 rule, and are operating in 2 use case scenarios. It's simple; The 1 rule is that YOU control the CA for the pin. If you don't control the CA, you've essentially circumvented the