New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto/tls: add support for Certificate Transparency TLS extension #10201
Labels
Milestone
Comments
Adam, does this sound reasonable to you? Thanks. |
rsc
changed the title
crypto/tls: Add support for Certificate Transparency TLS extension
crypto/tls: add support for Certificate Transparency TLS extension
Apr 10, 2015
Yes, this is reasonable and very similar to OCSP stapling that's currently supported. |
CL https://golang.org/cl/8988 mentions this issue. |
FiloSottile
pushed a commit
to FiloSottile/go
that referenced
this issue
Oct 12, 2018
This change adds support for serving and receiving Signed Certificate Timestamps as described in RFC 6962. The server is now capable of serving SCTs listed in the Certificate structure. The client now asks for SCTs and, if any are received, they are exposed in the ConnectionState structure. Fixes golang#10201 Change-Id: Ib3adae98cb4f173bc85cec04d2bdd3aa0fec70bb Reviewed-on: https://go-review.googlesource.com/8988 Reviewed-by: Adam Langley <agl@golang.org> Run-TryBot: Adam Langley <agl@golang.org> Reviewed-by: Jonathan Rudenberg <jonathan@titanous.com>
FiloSottile
pushed a commit
to FiloSottile/go
that referenced
this issue
Oct 12, 2018
This change adds support for serving and receiving Signed Certificate Timestamps as described in RFC 6962. The server is now capable of serving SCTs listed in the Certificate structure. The client now asks for SCTs and, if any are received, they are exposed in the ConnectionState structure. Fixes golang#10201 Change-Id: Ib3adae98cb4f173bc85cec04d2bdd3aa0fec70bb Reviewed-on: https://go-review.googlesource.com/8988 Reviewed-by: Adam Langley <agl@golang.org> Run-TryBot: Adam Langley <agl@golang.org> Reviewed-by: Jonathan Rudenberg <jonathan@titanous.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I'd like to be able to serve SCTs via the TLS extension with
crypto/tls
, similar to how theCertificate
struct supports anOCSPStaple
. I'm happy to put it together and submit a CL if the feature would be accepted./cc @agl
The text was updated successfully, but these errors were encountered: