Re: the issue is about being able to use it as part of a "fingerprint",
Sorry, that explanation doesn't really help.
What is the "it" you're referring to?
The article says:
>> His point is that an HSTS “pin” is set for each HTTPS-redirected site you use, it's unique to user and site, and it's readable from your browser settings by any site <<
That looks like a domain issue, specifically "it's readable from your browser settings by any site". Is the article wrong? What am I missing?