{"draft":"draft-ietf-httpbis-expect-ct-08","doc_id":"RFC9163","title":"Expect-CT Extension for HTTP","authors":["E. Stark"],"format":["HTML","TEXT","PDF","XML"],"page_count":"18","pub_status":"EXPERIMENTAL","status":"EXPERIMENTAL","source":"HTTP","abstract":"This document defines a new HTTP header field named \"Expect-CT\",\r\nwhich allows web host operators to instruct user agents (UAs) to\r\nexpect valid Signed Certificate Timestamps (SCTs) to be served on\r\nconnections to these hosts. Expect-CT allows web host operators to\r\ndiscover misconfigurations in their Certificate Transparency (CT)\r\ndeployments. Further, web host operators can use Expect-CT to ensure\r\nthat if a UA that supports Expect-CT accepts a misissued certificate,\r\nthat certificate will be discoverable in Certificate Transparency\r\nlogs.","pub_date":"June 2022","keywords":["Certificate Transparency","Expect-CT"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9163","errata_url":null}