Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/tls: Implement TLS Feature extension #13074

Closed
titanous opened this issue Oct 27, 2015 · 1 comment
Closed

crypto/tls: Implement TLS Feature extension #13074

titanous opened this issue Oct 27, 2015 · 1 comment
Milestone

Comments

@titanous
Copy link
Member

@titanous titanous commented Oct 27, 2015

The TLS Feature extension (RFC 7633) allows certificates to specify TLS features that must be used in handshakes that include the certificate. This allows implementation of "OCSP must-staple" which requires an OCSP response to be stapled into the handshake in order for it to be valid.

This would just be a change to client chain/handshake verification, I don't believe that any fields or methods need to be exposed.

/cc @agl

@ianlancetaylor ianlancetaylor added this to the Unplanned milestone Nov 5, 2015
@agl

This comment has been minimized.

Copy link
Contributor

@agl agl commented Aug 19, 2016

For the moment OCSP stapling isn't really supported as a client in Go and the TLS Feature extension doesn't see enough use to be considered for Go. Go generally (and deliberately) trails other implementations in this sort of thing because things like browsers are a better testing ground.

I'm closing this, not because we would never support this, but because the bug tracker is a to-do list and I feel that this entry is currently premature.

@agl agl closed this Aug 19, 2016
@golang golang locked and limited conversation to collaborators Aug 19, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
You can’t perform that action at this time.