policy/protocols/ssl/validate-sct.zeek
- SSL
Perform validation of Signed Certificate Timestamps (SCTs), as used for Certificate Transparency. See RFC 6962 for more details.
- Namespace:
SSL
- Imports:
base/protocols/ssl, policy/protocols/ssl/validate-certs.zeek
Summary
Types
- SSL::SctInfo: This record is used to store information about the SCTs that are encountered in an SSL connection.
- SSL::SctSource: List of the different sources for Signed Certificate Timestamps.
Redefinitions
Detailed Interface
Types
- SSL::SctInfo
- Type:
record
- version:
count
The version of the encountered SCT (should always be 0 for v1).
- logid:
string
The ID of the log issuing this SCT.
- timestamp:
count
The timestamp at which this SCT was issued, measured in milliseconds since the epoch (January 1, 1970, 00:00), ignoring leap seconds. Not converted to a Zeek timestamp because we need the exact value for validation.
- sig_alg:
count
The signature algorithm used for this SCT.
- hash_alg:
count
The hash algorithm used for this SCT.
- signature:
string
The signature of this SCT.
- source:
SSL::SctSource
Source of this SCT.
- valid:
bool
&optional
Validation result of this SCT.
This record is used to store information about the SCTs that are encountered in an SSL connection.
- SSL::SctSource
- Type:
enum
- SSL::SCT_X509_EXT
Signed Certificate Timestamp was encountered in the extension of an X.509 certificate.
- SSL::SCT_TLS_EXT
Signed Certificate Timestamp was encountered in a TLS session extension.
- SSL::SCT_OCSP_EXT
Signed Certificate Timestamp was encountered in the extension of a stapled OCSP reply.
List of the different sources for Signed Certificate Timestamps.
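The fields of SSL::SctInfo map directly onto the serialized SCT structure of RFC 6962, section 3.2. The Python below is an added example, not part of the Zeek script: it parses an SCT list into those fields and rebuilds the signed bytes for an x509_entry, which shows why the timestamp has to stay an exact millisecond integer. The names `Sct`, `parse_sct`, `parse_sct_list`, `signed_data_x509` and `sample_list` are this example's own, and the sample bytes are constructed.

```python
import struct
from dataclasses import dataclass

@dataclass
class Sct:  # field names follow SSL::SctInfo; 'extensions' is extra, needed for the signed data
    version: int     # 0 for v1
    logid: bytes     # 32-byte log ID
    timestamp: int   # milliseconds since the epoch, kept as an exact integer
    extensions: bytes
    hash_alg: int
    sig_alg: int
    signature: bytes

def parse_sct(buf: bytes) -> Sct:
    """Parse one serialized SCT (RFC 6962, section 3.2)."""
    if len(buf) < 47:  # 43-byte fixed header + hash/sig algorithm + signature length
        raise ValueError("truncated SCT")
    version, logid, timestamp, ext_len = struct.unpack_from("!B32sQH", buf, 0)
    off = 43 + ext_len
    if len(buf) < off + 4:
        raise ValueError("extensions overrun buffer")
    hash_alg, sig_alg, sig_len = struct.unpack_from("!BBH", buf, off)
    if len(buf) != off + 4 + sig_len:
        raise ValueError("signature length does not match buffer")
    return Sct(version, logid, timestamp, buf[43:off], hash_alg, sig_alg, buf[off + 4:])

def parse_sct_list(buf: bytes) -> list:
    """Parse an SCT list: 2-byte total length, then length-prefixed SCTs."""
    if len(buf) < 2 or struct.unpack_from("!H", buf)[0] != len(buf) - 2:
        raise ValueError("list length mismatch")
    off, out = 2, []
    while off < len(buf):
        if off + 2 > len(buf):
            raise ValueError("truncated entry length")
        (n,) = struct.unpack_from("!H", buf, off)
        if off + 2 + n > len(buf):
            raise ValueError("entry overruns list")
        out.append(parse_sct(buf[off + 2:off + 2 + n]))
        off += 2 + n
    return out

def signed_data_x509(sct: Sct, leaf_der: bytes) -> bytes:
    """Bytes the log signed for an x509_entry (SCT from a TLS extension or OCSP staple)."""
    # version, signature_type=0, timestamp (uint64 ms), entry_type=0, cert<3-byte len>, extensions
    return (struct.pack("!BBQH", sct.version, 0, sct.timestamp, 0)
            + len(leaf_der).to_bytes(3, "big") + leaf_der
            + struct.pack("!H", len(sct.extensions)) + sct.extensions)

def sample_list() -> bytes:
    """Constructed sample: one v1 SCT with a dummy log ID and a 4-byte placeholder signature."""
    sct = struct.pack("!B32sQHBBH", 0, b"\x11" * 32, 1700000000123, 0, 4, 3, 4) + b"\xde\xad\xbe\xef"
    return struct.pack("!HH", len(sct) + 2, len(sct)) + sct
```

SCTs embedded in an X.509 extension are signed over a precert_entry instead, so `signed_data_x509` covers only the TLS-extension and OCSP sources.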