search

klippa-app / nativescript-http

The best way to do HTTP requests in NativeScript, a drop-in replacement for the core HTTP with important improvements and additions like proper connection pooling, form data support and certificate pinning
MIT License
35 stars 14 forks source link

Feature request: Certificate transparency for Android #81

Open sublime392 opened 2 years ago

sublime392 commented 2 years ago

As I understand it (absolutely could be wrong),

  1. Certificate pinning is on the outs, with Android explicitly recommending against it.
  2. Certificate transparency is a useful alternative to pinning.
  3. iOS supports certificate transparency by default, but Android does not. ( Noted halfway down this article from 2020 )
  4. This package supports everything http-related except for certificate transparency.

Assuming the above is correct, would it make sense for this package to support certificate transparency(CT), since CT seems to essentially be a replacement for pinning?

jerbob92 commented 1 year ago

To support certificate transparency we need to have support for it in okhttp, they don't seem to support it yet.

There seems to be a way to do it through an external library and use a network interceptor: https://github.com/appmattus/certificatetransparency/blob/main/docs/okhttp.md

If anyone wants to implement this I will accept PR's for it.