Question:

Patrick regularly connects to untrusted networks when he travels and is concerned that an on-path attack could be executed against him as he browses websites. He would like to validate certificates against known certificates for those websites. What technique can he use to do this?

A. Use certificate pinning.

Explanation:

Certificate pinning is a technique that associates a known certificate with a host and then compares it with the certificate that is presented, thus mitigating the risk of man-in-the-middle attacks. However, this approach may not be effective if the certificate is updated and the pinned certificate is not. A certificate revocation list (CRL) shows whether a certificate has been revoked, but it does not indicate if it has been changed. It's worth noting that Patrick will not have access to the remote server's private key unless he is the administrator.
