Expect-CT Extension for HTTP, June 2022
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
This document defines a new HTTP header field named "Expect-CT", which allows web host operators to instruct user agents (UAs) to expect valid Signed Certificate Timestamps (SCTs) to be served on connections to these hosts. Expect-CT allows web host operators to discover misconfigurations in their Certificate Transparency (CT) deployments. Further, web host operators can use Expect-CT to ensure that if a UA that supports Expect-CT accepts a misissued certificate, that certificate will be discoverable in Certificate Transparency logs.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.