Hi, Since in RFC6962, the entry type in an SCTs is not explicit, one has to either guess or try both type in order to validate the SCTs.
Does it make sense to infer the entry type from the origin of the SCT? If the SCT is embedded in a cert, it has to be a precert entry. In case of an SCT in the TLS handshake, I would expect in most case it's an x509 entry. But are there any situations where having a SCT with precert entry in the TLS extension or OCSP response would make sense ? Thanks -- Fabrice _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
