Skip to content

[RFC 6962] s2n Client can Validate Signed Certificate Timestamp TLS Extension #457

New issue
New issue
Closed
Closed
[RFC 6962] s2n Client can Validate Signed Certificate Timestamp TLS Extension#457
Labels
priority/lowRank 4s2n-coreteamsize/largetype/client_improvementtype/new_rfctype/tls_extension
@alexw91

Description

@alexw91
alexw91
opened on Mar 21, 2017

RFC: https://tools.ietf.org/html/rfc6962

Right now the s2n Client can request and accept SCT TLS Extensions, but does not validate the extension.

Function s2n_recv_server_sct_list() in s2n_server_extensions.c conn->ct_response is never validated before being copied to the connection struct.

Metadata

Metadata

Assignees

No one assigned

    Labels

    priority/lowRank 4s2n-coreteamsize/largetype/client_improvementtype/new_rfctype/tls_extension

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions