moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 08:38:49 -05:00
Code Issues Releases Wiki Activity

TODO: Support Authority Information Access certificate extension (AIA)

Browse Source 
Closes #2793
This commit is contained in:
Daniel Stenberg 2018-07-28 23:26:42 +02:00
parent 10061f475e
commit 1fb8048abb
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/TODO
View File

@ -113,6 +113,7 @@
13.7 improve configure --with-ssl 13.7 improve configure --with-ssl
13.8 Support DANE 13.8 Support DANE
13.9 Configurable loading of OpenSSL configuration file 13.9 Configurable loading of OpenSSL configuration file
13.10 Support Authority Information Access certificate extension (AIA)
13.11 Support intermediate & root pinning for PINNEDPUBLICKEY 13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
13.12 Support HSTS 13.12 Support HSTS
13.13 Support HPKP 13.13 Support HPKP
@ -779,6 +780,17 @@ that doesn't exist on the server, just like --ftp-create-dirs.
See https://github.com/curl/curl/issues/2724 See https://github.com/curl/curl/issues/2724
13.10 Support Authority Information Access certificate extension (AIA)
AIA can provide various things like CRLs but more importantly information
about intermediate CA certificates that can allow validation path to be
fullfilled when the HTTPS server doesn't itself provide them.
Since AIA is about downloading certs on demand to complete a TLS handshake,
it is probably a bit tricky to get done right.
See https://github.com/curl/curl/issues/2793
13.11 Support intermediate & root pinning for PINNEDPUBLICKEY 13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
CURLOPT_PINNEDPUBLICKEY does not consider the hashes of intermediate & root CURLOPT_PINNEDPUBLICKEY does not consider the hashes of intermediate & root