Support Expect-CT header

  - [Draft Spec](https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct-06)
  - https://scotthelme.co.uk/a-new-security-header-expect-ct/
  - [Chrome feature](https://www.chromestatus.com/feature/5677171733430272) available since chrome 61

# Client side support

  - [x] Support for Expect-CT header in lpeg_patterns (Tracking issue: https://github.com/daurnimator/lpeg_patterns/issues/11)
  - [ ] Track known expect-ct hosts
  - [ ] Support report-uri
      - This requires json library
      - May want to turn off by default for privacy?
      - > UAs SHOULD limit the rate at which they send reports.  For example, it is unnecessary to send the same report to the same "report-uri" more than once.
  - [ ] Come up with a CT Policy
      - [Google's](https://www.chromium.org/Home/chromium-security/certificate-transparency/log-policy)
      - Need to include default log providers? See https://www.certificate-transparency.org/known-logs

# Server side support

  - Probably need https://github.com/wahern/luaossl/issues/105

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support Expect-CT header #83

Client side support

Server side support

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Support Expect-CT header #83

Description

Client side support

Server side support

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions