RFC 9163

Expect-CT Extension for HTTP, June 2022

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML
Also available: XML file for editing
 
Status:
EXPERIMENTAL
Author:
E. Stark
Stream:
IETF
Source:
httpbis (wit)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9163

Discuss this RFC: Send questions or comments to the mailing list ietf-http-wg@w3.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9163

Abstract

This document defines a new HTTP header field named "Expect-CT", which allows web host operators to instruct user agents (UAs) to expect valid Signed Certificate Timestamps (SCTs) to be served on connections to these hosts. Expect-CT allows web host operators to discover misconfigurations in their Certificate Transparency (CT) deployments. Further, web host operators can use Expect-CT to ensure that if a UA that supports Expect-CT accepts a misissued certificate, that certificate will be discoverable in Certificate Transparency logs.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.



Advanced Search