[openssl-dev] [openssl.org #4041] [PATCH] Add Certificate Transparency Support
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Sep 14 20:25:55 UTC 2015
On Mon, Sep 14, 2015 at 08:05:06PM +0000, Salz, Rich wrote:
> > One question on the overall integration. What adjustments if any might
> > need to be made to existing servers that are not "CT-aware"?
>
> For now, absolutely nothing. At some point there might be the equivalent
> of an "OCSP Stapling" for CT data. It's all about the client being able
> to see if the cert is got is valid.
What is then the purpose of the new "-serverinfo" option of s_server?
If CT works without it, why add it?
--
Viktor.
More information about the openssl-dev
mailing list