policy/protocols/ssl/validate-sct.zeek
Perform validation of Signed Certificate Timestamps, as used for Certificate Transparency. See RFC6962 for more details.
- Namespace: SSL
- Imports: base/protocols/ssl, policy/protocols/ssl/validate-certs.zeek
Summary
Types
- SSL::SctInfo: record. This record is used to store information about the SCTs that are encountered in an SSL connection.
- SSL::SctSource: enum. List of the different sources for Signed Certificate Timestamp.
Redefinitions
Detailed Interface
Types
- SSL::SctInfo
  - Type: record
    - version: count
      The version of the encountered SCT (should always be 0 for v1).
    - logid: string
      The ID of the log issuing this SCT.
    - timestamp: count
      The timestamp at which this SCT was issued, measured since the epoch (January 1, 1970, 00:00), ignoring leap seconds, in milliseconds. Not converted to a Zeek timestamp because we need the exact value for validation.
    - sig_alg: count
      The signature algorithm used for this SCT.
    - hash_alg: count
      The hash algorithm used for this SCT.
    - signature: string
      The signature of this SCT.
    - source: SSL::SctSource
      Source of this SCT.
    - valid: bool &optional
      Validation result of this SCT.
  This record is used to store information about the SCTs that are encountered in an SSL connection.
- SSL::SctSource
  - Type: enum
    - SSL::SCT_X509_EXT
      Signed Certificate Timestamp was encountered in the extension of an X.509 certificate.
    - SSL::SCT_TLS_EXT
      Signed Certificate Timestamp was encountered in a TLS session extension.
    - SSL::SCT_OCSP_EXT
      Signed Certificate Timestamp was encountered in the extension of a stapled OCSP reply.
  List of the different sources for Signed Certificate Timestamp.
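
The timestamp field above is kept as a raw millisecond count because it is part of the data the log signs. As an added example (not Zeek's own code), this Python code builds the signed input that RFC 6962 section 3.2 defines for an SCT from the version, timestamp and source fields; the function names, string labels and sample bytes are assumptions made for illustration, and checking the signature against the log's key is left out.

```python
import struct

# Labels standing in for the SSL::SctSource values documented on this page.
SCT_X509_EXT, SCT_TLS_EXT, SCT_OCSP_EXT = "SCT_X509_EXT", "SCT_TLS_EXT", "SCT_OCSP_EXT"


def opaque24(data: bytes) -> bytes:
    """TLS opaque<1..2^24-1>: payload behind a 3-byte big-endian length."""
    if not 0 < len(data) < 1 << 24:
        raise ValueError("payload length out of range")
    return len(data).to_bytes(3, "big") + data


def sct_signed_data(version: int, timestamp_ms: int, source: str, entry: bytes,
                    issuer_key_hash: bytes = b"", extensions: bytes = b"") -> bytes:
    """Bytes a log signs for one SCT (RFC 6962, section 3.2).

    entry is the DER certificate for TLS/OCSP-delivered SCTs. For SCTs embedded
    in the certificate it is the DER TBSCertificate with the SCT list extension
    already removed (assumed done by the caller), and issuer_key_hash is the
    SHA-256 of the issuer's public key.
    """
    if version != 0:
        raise ValueError("only SCT v1 (version 0) is defined")
    if not 0 <= timestamp_ms < 1 << 64:
        raise ValueError("timestamp must fit a uint64 of milliseconds")
    if len(extensions) >= 1 << 16:
        raise ValueError("extensions too long")
    # sct_version, signature_type (0 = certificate_timestamp), uint64 timestamp
    out = struct.pack("!BBQ", version, 0, timestamp_ms)
    if source == SCT_X509_EXT:
        # Embedded SCTs were issued for the precertificate: entry_type 1.
        if len(issuer_key_hash) != 32:
            raise ValueError("issuer_key_hash must be a 32-byte SHA-256 digest")
        out += struct.pack("!H", 1) + issuer_key_hash + opaque24(entry)
    elif source in (SCT_TLS_EXT, SCT_OCSP_EXT):
        out += struct.pack("!H", 0) + opaque24(entry)  # x509_entry
    else:
        raise ValueError("unknown SCT source")
    return out + struct.pack("!H", len(extensions)) + extensions


# Constructed sample: a 5-byte stand-in for a DER certificate.
SAMPLE_CERT = bytes.fromhex("3003020101")
SAMPLE_TS = 1500000000123  # milliseconds since the epoch
```

A timestamp that is off by a single millisecond yields different signed bytes, so the signature check fails.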