appmattus / certificatetransparency

Certificate transparency for Android and JVM
Apache License 2.0

CTPolicy failing with 2.x #81

Closed denzilferreira closed 1 year ago

denzilferreira commented 1 year ago

In development, we are upgrading the library to 2.1.1 (we also tried 2.0.0 and 2.1.0). We are seeing this error in the log, unable to connect to a valid URL:

URL Failure: Too few distinct operators, required 3, found 2 in [7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZs=:Valid SCT, c9meiRtMlnigIH1HneayxhzQUV5xGSqMa4AQesF3crU=:Valid SCT, SLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHM=:Valid SCT]

If I'm understanding this correctly, we have 3 valid SCT, but found says it's only 2? Do you know if this is a bug?

denzilferreira commented 1 year ago

@mattmook let me know if you need more info to debug this. Thanks!

denzilferreira commented 1 year ago

For context, v1.1.1 for the same URL reports all OK.

mattmook commented 1 year ago

hmm, that doesn't read right, let me take a look and see what I can see

mattmook commented 1 year ago

Oh, I misread the error. This will be because more than one of those SCTs is from the same operator.

Looks like I misinterpreted the Chrome rules when I implemented the DefaultPolicy. I'm checking for 3 distinct operators, but, re-reading the policy, it should only be checking for 2 (always).

at least two SCTs must be issued from distinct CT Log Operators as recognized by Chrome.
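To make the distinction concrete, here is an added illustration (not code from the certificatetransparency library) of the distinct-operator count behind that error message. The log-ID-to-operator table is constructed for this example, with two of the three log IDs from the reported error assigned to the same operator to reproduce the situation described; real mappings come from the CT log list.

```python
from dataclasses import dataclass

# Constructed (hypothetical) log ID -> operator table. Two entries share an
# operator so that three valid SCTs yield only two distinct operators.
LOG_OPERATORS = {
    "7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZs=": "OperatorA",
    "c9meiRtMlnigIH1HneayxhzQUV5xGSqMa4AQesF3crU=": "OperatorA",
    "SLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHM=": "OperatorB",
}


@dataclass
class SctResult:
    log_id: str   # base64 log ID, as shown in the error message
    valid: bool   # whether the SCT signature verified against the log key


def distinct_operators(scts):
    """Operators behind the valid SCTs; log IDs not in the list contribute none."""
    return {LOG_OPERATORS[s.log_id] for s in scts
            if s.valid and s.log_id in LOG_OPERATORS}


def check_policy(scts, required_operators):
    """Return None when the policy is met, otherwise a message in the
    same shape as the library's 'Too few distinct operators' failure."""
    found = len(distinct_operators(scts))
    if found >= required_operators:
        return None
    summary = ", ".join(
        f"{s.log_id}:{'Valid SCT' if s.valid else 'Invalid SCT'}" for s in scts)
    return (f"Too few distinct operators, required {required_operators}, "
            f"found {found} in [{summary}]")


def evaluate(scts):
    """Compare the 3-operator check from the bug with the 2-operator rule
    that Chrome's policy actually states."""
    return {"buggy": check_policy(scts, 3), "fixed": check_policy(scts, 2)}
```

With the three SCTs from the issue, the 3-operator check fails with "found 2" while the 2-operator rule passes; two SCTs from the same operator still fail under the corrected rule.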

denzilferreira commented 1 year ago

Thanks!