From 3a9709a35d3cf5cd2e93e49b75745226fd59ae2d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= <dominik@dominikschuermann.de>
Date: Mon, 21 Sep 2015 16:49:23 +0200
Subject: Use api.keybase.io

---
 .../java/org/sufficientlysecure/keychain/KeychainApplication.java  | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

(limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java')

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java
index 56dd9a4cb..ebd48b9a5 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java
@@ -100,12 +100,7 @@ public class KeychainApplication extends Application {
 
         TlsHelper.addPinnedCertificate("hkps.pool.sks-keyservers.net", getAssets(), "hkps.pool.sks-keyservers.net.CA.cer");
         TlsHelper.addPinnedCertificate("pgp.mit.edu", getAssets(), "pgp.mit.edu.cer");
-        // NOTE:
-        // keybase.io.CA.cer only holds the CA issuing the actual keybase.io certificate, but this
-        // is better than no pinning!
-        // We are not using https://github.com/keybase/node-client/blob/master/src/ca.iced
-        // because it is only valid for api.keybase.io (https://github.com/keybase/keybase-issues/issues/964)
-        TlsHelper.addPinnedCertificate("keybase.io", getAssets(), "keybase.io.CA.cer");
+        TlsHelper.addPinnedCertificate("api.keybase.io", getAssets(), "api.keybase.io.CA.cer");
 
         TemporaryStorageProvider.cleanUp(this);
 
-- 
cgit v1.2.3