Skip to content

Feature request: API to obtain the results of the SSL/TLS negociation #116

New issue
New issue
Open
Open
Feature request: API to obtain the results of the SSL/TLS negociation#116
@informatimago

Description

@informatimago
informatimago
opened on Sep 11, 2021

For some applications, the client code may need information about the SSL/TLS negociation which is normally obtained from or with the TLS context.

Typically may be needed:

  • the server certificate,
  • the server public key,
  • the validation status (client / server, with possibly the CA chain that validated them).

Since drakma uses various implementations for SSL/TLS, it would be nice if it provided an API to obtain the information that is available from the TLS context, notably:

  • get-ssl-peer-certificate (generic function)
  • get-ssl-verify-result (generic function)

(eg. see 11.8 in: https://franz.com/support/documentation/9.0/doc/socket.htm#ssl-1)

This issue is linked to #115

I would suggest to add two opaque objects in the result values of http-request one for the socket information, and one (optional) for this security information, with the reader API to query them.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions