Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/tls: Implement TLS Feature extension #13074

titanous opened this issue Oct 27, 2015 · 1 comment

crypto/tls: Implement TLS Feature extension #13074

titanous opened this issue Oct 27, 2015 · 1 comment


Copy link

The TLS Feature extension (RFC 7633) allows certificates to specify TLS features that must be used in handshakes that include the certificate. This allows implementation of "OCSP must-staple" which requires an OCSP response to be stapled into the handshake in order for it to be valid.

This would just be a change to client chain/handshake verification, I don't believe that any fields or methods need to be exposed.

/cc @agl

@ianlancetaylor ianlancetaylor added this to the Unplanned milestone Nov 5, 2015
Copy link

agl commented Aug 19, 2016

For the moment OCSP stapling isn't really supported as a client in Go and the TLS Feature extension doesn't see enough use to be considered for Go. Go generally (and deliberately) trails other implementations in this sort of thing because things like browsers are a better testing ground.

I'm closing this, not because we would never support this, but because the bug tracker is a to-do list and I feel that this entry is currently premature.

@agl agl closed this as completed Aug 19, 2016
@golang golang locked and limited conversation to collaborators Aug 19, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
None yet

No branches or pull requests

4 participants