The Mozilla Foundation has stepped up its efforts to improve browser security with the launch of Firefox 32, adding public key pinning to try and protect users from man-in-the-middle and other attacks.
Public key pinning is a security feature that helps ensure that people are connecting to the sites they intend to reach. Pinning allows webmasters to specify which certificate authorities (CAs) issue valid certificates for their sites, rather than accepting any one of the hundreds of built-in root certificates that ship with Firefox.
This means pinning can be used to protect Firefox users from man-in-the-middle attacks and rogue certificate authorities. If a CA mis-issues a certificate, or if the root certificate for a pinned site does not match one of the known-good CAs, Firefox will reject the connection.
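The decision described above, modelled as an added example (this is illustrative code, not Firefox's own implementation): a pin is the SHA-256 hash of a certificate's SubjectPublicKeyInfo, and a chain is accepted only if at least one certificate in it carries a pinned key. The SPKI blobs, the pin set and the `example.org` host are constructed; the user-added-root exemption reflects Firefox's default enforcement level at the time (the `security.cert_pinning.enforcement_level` preference), which did not enforce pins for chains anchored at a locally installed root.

```python
import base64
import hashlib

# Constructed stand-ins for DER-encoded SubjectPublicKeyInfo blobs. Real SPKIs
# are ASN.1 structures; arbitrary bytes suffice to show the hash-and-compare step.
SPKI = {
    "example.org leaf": b"constructed-spki-leaf",
    "Good CA intermediate": b"constructed-spki-good-intermediate",
    "Good CA root": b"constructed-spki-good-root",
    "Rogue CA intermediate": b"constructed-spki-rogue-intermediate",
    "Rogue CA root": b"constructed-spki-rogue-root",
}


def spki_fingerprint(spki_der: bytes) -> str:
    """Pin value: base64(SHA-256(SPKI DER)), the usual form for public key pins."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")


# The site operator pins its CA's keys (intermediate and root) rather than the
# leaf, so routine leaf renewal under the same CA keeps working. Constructed set.
PINNED_EXAMPLE_ORG = {
    spki_fingerprint(SPKI["Good CA intermediate"]),
    spki_fingerprint(SPKI["Good CA root"]),
}


def chain_passes_pins(chain_spkis, pin_set, root_is_user_added=False,
                      strict=False):
    """Return True if an already-validated chain may be used for a pinned host.

    Passes when at least one certificate in the chain carries a pinned key.
    Assumption modelled as a flag: the default enforcement level exempted chains
    anchored at a user-installed root (e.g. a corporate TLS proxy); strict=True
    models the stricter level that enforces pins for those chains too.
    """
    if root_is_user_added and not strict:
        return True
    return any(spki_fingerprint(spki) in pin_set for spki in chain_spkis)


def check_connection(chain_names, pin_set, **kwargs) -> str:
    """Map a chain (by constructed name) to the browser's accept/reject outcome."""
    chain = [SPKI[name] for name in chain_names]
    ok = chain_passes_pins(chain, pin_set, **kwargs)
    return "connected" if ok else "rejected: no certificate in chain matches a pin"
```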
Here is an example of an error message generated by the public key pinning feature in Firefox.
The change is among a number of enhancements offered in the new version, now available for Windows, Mac, Linux and Android users.