I’ve noticed that there’s a common misconception that Certificate Transparency is a replacement for HTTP public key pinning. If those words make no sense to you: HTTP public key pinning was a now-mostly-defunct mechanism whereby websites could “pin” themselves to a set of public keys, so that browsers would not accept a certificate for that website’s hostname unless one of those pinned public keys appeared in its certificate chain. Certificate Transparency is a system whereby certif...
