Preparing for Chrome’s Certificate Transparency Policy: Expect-CT With Reporting in ASP.NET Core
Google’s Certificate Transparency project is an open framework for monitoring and auditing SSL certificates. The goal of the project is the detection of mis-issued/malicious certificates and the identification of rogue Certificate Authorities. In October 2016, Google announced that Chrome will require compliance with Certificate Transparency. The date for enforcing this requirement was initially set to October 2017 and was later changed to April 2018.
Back in December 2016, the draft of Expect-CT Extension for HTTP has been submitted and quickly followed by a call for adoption. The draft introduces the
Expect-CT response header which will allow hosts to either test or enforce the Certificate Transparency policy. The draft has been adopted and is currently in IETF stream, while the header support is already in development for Chrome (the Security Engineering team at Mozilla has also expressed interest in providing this type of support in Firefox in 2017).
via DZone.com Feed https://dzone.com
May 23, 2017 at 07:39AM