Public Key Pinning

- OTHER

Declare that a website's HTTPS certificate should only be treated as valid if the public key is contained in a specified list to prevent MITM attacks that use valid CA-issued certificates.

IE

  1. 5.5 - 10
  2. 11

Edge

  1. 12 - 81
  2. 83

Firefox

  1. 2 - 34
  2. 35 - 71
  3. 72 - 77
  4. 78
  5. 79 - 80

Chrome

  1. 4 - 37
  2. 38 - 71
  3. 72 - 81
  4. 83
  5. 84 - 86

Safari

  1. 3.1 - 13
  2. 13.1
  3. 14 - TP

Opera

  1. 9 - 19
  2. 20 - 22
  3. 23
  4. 24
  5. 25 - 65
  6. 66 - 68
  7. 69

iOS Safari

  1. 3.2 - 13.3
  2. 13.4
  3. 14.0

Opera Mini

  1. all

Android Browser

  1. 2.1 - 4.4.4
  2. 81

Blackberry Browser

  1. 7
  2. 10

Opera Mobile

  1. 10 - 12.1
  2. 46

Chrome for Android

  1. 81

Firefox for Android

  1. 68

IE Mobile

  1. 10
  2. 11

UC Browser for Android

  1. 12.12

Samsung Internet

  1. 4 - 10.1
  2. 11.1
  3. 12.0

QQ Browser

  1. 10.4

Baidu Browser

  1. 7.12

KaiOS Browser

  1. 2.5

All browsers have removed support. The header was too complicated to use, and when incorrectly implemented, could completely block websites for longer periods of time.

Certificate transparency is widely used and tries to provide the same security by very different means.

Resources:
MDN Web Docs - Public Key Pinning
Scott Helme article on the issues of HPKP