RFC 9163
Expect-CT Extension for HTTP, June 2022
- File formats:
- Also available: XML file for editing
- Status:
- EXPERIMENTAL
- Author:
- E. Stark
- Stream:
- IETF
- Source:
- httpbis (wit)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9163
Discuss this RFC: Send questions or comments to the mailing list ietf-http-wg@w3.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9163
Abstract
This document defines a new HTTP header field named "Expect-CT", which allows web host operators to instruct user agents (UAs) to expect valid Signed Certificate Timestamps (SCTs) to be served on connections to these hosts. Expect-CT allows web host operators to discover misconfigurations in their Certificate Transparency (CT) deployments. Further, web host operators can use Expect-CT to ensure that if a UA that supports Expect-CT accepts a misissued certificate, that certificate will be discoverable in Certificate Transparency logs.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.