how pubkey pinning differs from that much
Try pinning google's, or any letsencrypt, end service full DER certs, it's a maintenance headache because they're constantly changing. Pinning google's intermediate certs (pubkey or full DER), or the LE end service pubkeys, can reduce maintenance, with same security.
isn't a certificate just wrapping for a pubkey?
A wrapping, over that and more meta fields. P2P nets might not have use for much more than what's in the TOFU paragraph. Bitcoin's and other cryptos total lack of both wire privacy and coin privacy, still through to this day, almost seems nefariously intentional. Refs... openssl x509 -text https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning https://cheatsheetseries.owasp.org/cheatsheets/Pinning_Cheat_Sheet.html https://curl.haxx.se/libcurl/c/CURLOPT_PINNEDPUBLICKEY.html https://www.netcraft.com/internet-data-mining/ssl-survey/ https://www.ssllabs.com/ssl-pulse/ https://arstechnica.com/gadgets/2018/10/browser-vendors-unite-to-end-support... https://www.bleepingcomputer.com/news/security/ietf-approves-tls-13-as-inter... https://en.wikipedia.org/wiki/Transport_Layer_Security https://tools.ietf.org/html/rfc8446 https://github.com/OWASP/www-community/blob/master/pages/controls/Certificat... https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Pinning_Ch... https://github.com/curl/curl/blob/master/docs/cmdline-opts/pinnedpubkey.d https://github.com/curl/curl/blob/deb9462ff2de8e955c67ed441f5f48619a31198d/d... https://github.com/curl/curl/blob/51fde337471c9125e7bf425e7ce0a0bf53691992/d... Recommendations for Secure Use of Transport Layer Security (TLS) https://tools.ietf.org/html/rfc7525 Pervasive Monitoring Is an Attack https://tools.ietf.org/html/rfc7258 Privacy Considerations for Internet Protocols https://tools.ietf.org/html/rfc6973 Certificate Transparency https://tools.ietf.org/html/rfc6962 Strong Security Requirements for Internet Engineering Task Force Standard Protocols https://tools.ietf.org/html/rfc3365 Guidelines for Writing RFC Text on Security Considerations https://tools.ietf.org/html/rfc3552 IETF Policy on Wiretapping https://tools.ietf.org/html/rfc2804 IAB and IESG Statement on Cryptographic Technology and the Internet https://tools.ietf.org/html/rfc1984 Privacy Requirements for IETF Protocols https://tools.ietf.org/html/draft-cooper-ietf-privacy-requirements-01 It is the consensus of the IETF that our protocols be designed to avoid privacy violations to the extent possible. Handling Pervasive Monitoring in the IETF (perpass) (WG) https://www.ietf.org/proceedings/88/perpass.html https://www.ietf.org/mailman/listinfo/perpass Opportunistic Security: Some Protection Most of the Time https://tools.ietf.org/html/rfc7435.html