BIN: analyse-headers: Add more notes to expect-ct description
As pointed out by <Dom Ingram>, the expect-ct is likely to become obsolete in June 2012 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT
This commit is contained in:
Jonathan Hodgson
parent
bf132e16c2
commit
039f4e2270
1 changed files with 7 additions and 1 deletions
|
|
@ -313,7 +313,13 @@ to check for potential breakages\n\n"
|
||||||
elif ! echo "$value" | grep -q "enforce"; then
|
elif ! echo "$value" | grep -q "enforce"; then
|
||||||
echo "Expect-CT" | drawInBox
|
echo "Expect-CT" | drawInBox
|
||||||
wecho "The enforce directive was not found. It can be useful to omit \
|
wecho "The enforce directive was not found. It can be useful to omit \
|
||||||
this whilst testing the header, but should be added once testing has finished.\n\n"
|
this whilst testing the header, but should be added once testing has finished.
|
||||||
|
Without the enforce directive, the browser will not refuse connections that \
|
||||||
|
violate the Certificate Transparency policy.
|
||||||
|
The Expect-CT will likely become obsolete in June 2021. Since May 2018 new \
|
||||||
|
certificates are expected to support SCTs by default. Certificates before \
|
||||||
|
March 2018 were allowed to have a lifetime of 39 months, those will all be \
|
||||||
|
expired in June 2021.\n\n"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue