Expect-CT Extension for HTTP
| Document Name: | RFC 9163 |
|---|---|
| Document URI: |
urn:ietf:rfc:9163
|
| Online Version: |
https://datatracker.ietf.org/doc/html/rfc9163
|
| Organization: | Internet Engineering Task Force (IETF) |
| Series: | Request for Comments (RFC) |
| Abstract: | This document defines a new HTTP header field named "Expect-CT", which allows web host operators to instruct user agents (UAs) to expect valid Signed Certificate Timestamps (SCTs) to be served on connections to these hosts. Expect-CT allows web host operators to discover misconfigurations in their Certificate Transparency (CT) deployments. Further, web host operators can use Expect-CT to ensure that if a UA that supports Expect-CT accepts a misissued certificate, that certificate will be discoverable in Certificate Transparency logs. |
Specified Web Concepts:
HTTP Header Fields
Expect-CT
Return to ( Series | Organization | all Specifications )