]>
Commit | Line | Data |
---|---|---|
56f3f714 RP |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | ct - Certificate Transparency | |
6 | ||
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/ct.h> | |
10 | ||
11 | =head1 DESCRIPTION | |
12 | ||
13 | This library implements Certificate Transparency (CT) verification for TLS | |
14 | clients, as defined in RFC 6962. This verification can provide some confidence | |
15 | that a certificate has been publicly logged in a set of CT logs. | |
16 | ||
17 | By default, these checks are disabled. They can be enabled using | |
8b12a3e7 | 18 | SSL_CTX_ct_enable() or SSL_ct_enable(). |
56f3f714 RP |
19 | |
20 | This library can also be used to parse and examine CT data structures, such as | |
21 | Signed Certificate Timestamps (SCTs), or to read a list of CT logs. There are | |
22 | functions for: | |
23 | - decoding and encoding SCTs in DER and TLS wire format. | |
24 | - printing SCTs. | |
25 | - verifying the authenticity of SCTs. | |
26 | - loading a CT log list from a CONF file. | |
27 | ||
28 | =head1 SEE ALSO | |
29 | ||
30 | L<d2i_SCT_LIST(3)>, | |
31 | L<CTLOG_STORE_new(3)>, | |
cfd20f64 | 32 | L<CTLOG_STORE_get0_log_by_id(3)>, |
56f3f714 RP |
33 | L<SCT_new(3)>, |
34 | L<SCT_print(3)>, | |
56f3f714 | 35 | L<SCT_validate(3)>, |
9e183d22 RS |
36 | L<SCT_validate(3)>, |
37 | L<CT_POLICY_EVAL_CTX_new(3)>, | |
56f3f714 RP |
38 | L<SSL_CTX_set_ct_validation_callback(3)> |
39 | ||
32fa3da8 RP |
40 | =head1 HISTORY |
41 | ||
42 | This library was added in OpenSSL 1.1.0. | |
43 | ||
7a2c739c RP |
44 | =head1 COPYRIGHT |
45 | ||
9e183d22 | 46 | Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. |
7a2c739c RP |
47 | |
48 | Licensed under the OpenSSL license (the "License"). You may not use | |
49 | this file except in compliance with the License. You can obtain a copy | |
50 | in the file LICENSE in the source distribution or at | |
51 | L<https://www.openssl.org/source/license.html>. | |
52 | ||
56f3f714 | 53 | =cut |