Post

Replies

Boosts

Views

Activity

Support for X.509 Authority Information Access extensions
Hi, I was wondering whether APIs such URLSession or SecTrustEvaluateWithError support the "Authority Information Access" X.509 extension (https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.2.1) when they are resolving certificate chains? ie. If a TLS server is not providing an intermediate certificate but its URI is specified by an AIA extension will URLSession (and SecTrustEvaluateWithError) be able to successfully validate the certificate chain? Local experiments seem to indicate URLSession might, but I can't find any definitive API documentation to confirm this. Thanks in advance, Rob
3
0
655
Aug ’21