Cert pinning

[Hal Murray]

Gary said:
>> There is a downside. Every time it changes, you have to take
>> a leap of faith when you re-pin it, rather than getting normal
>> CA validation.
> You miss the point, this is addition to normal CA validation, not an
> alternative to it.  Just like HPKP. 

I'm missing something important.  Why would I need additional validation?  
Isn't normal certificate validation good enough?

-- 
These are my opinions.  I hate spam.