Skip to content
Permalink
Browse files

TODO: Support Authority Information Access certificate extension (AIA)

Closes #2793
  • Loading branch information
bagder authored and falconindy committed Jul 28, 2018
1 parent 1f7ac40 commit 727c3fb680349b5e11d49bbff1c3d583806331c7
Showing with 12 additions and 0 deletions.
  1. +12 −0 docs/TODO
@@ -113,6 +113,7 @@
13.7 improve configure --with-ssl
13.8 Support DANE
13.9 Configurable loading of OpenSSL configuration file
13.10 Support Authority Information Access certificate extension (AIA)
13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
13.12 Support HSTS
13.13 Support HPKP
@@ -779,6 +780,17 @@ that doesn't exist on the server, just like --ftp-create-dirs.

See https://github.com/curl/curl/issues/2724

13.10 Support Authority Information Access certificate extension (AIA)

AIA can provide various things like CRLs but more importantly information
about intermediate CA certificates that can allow validation path to be
fullfilled when the HTTPS server doesn't itself provide them.

Since AIA is about downloading certs on demand to complete a TLS handshake,
it is probably a bit tricky to get done right.

See https://github.com/curl/curl/issues/2793

13.11 Support intermediate & root pinning for PINNEDPUBLICKEY

CURLOPT_PINNEDPUBLICKEY does not consider the hashes of intermediate & root

0 comments on commit 727c3fb

Please sign in to comment.
You can’t perform that action at this time.