Josh-Cena
commented
1 month ago Welcoming a PR to add a link to RFC 6962 and saying it's what browsers currently implement, but we should keep mentioning that RFC 9162 is the up-to-date normative document and 6962 is in fact obsoleted.
MDN URL
https://developer.mozilla.org/en-US/docs/Web/Security/Certificate_Transparency
What specific section or headline is this issue about?
No response
What information was incorrect, unhelpful, or incomplete?
The first paragraph states that Certificate Transparency (CT) is defined in RFC 9162. That RFC defines a version of CT that is incompatible with the version of CT that is actually deployed on the Web today. All CT logs and consumers implement a version of CT that is defined in RFC 6962. There are no plans to adopt RFC 9162.
What did you expect to see?
I expected it to reference RFC 6962, since that is the version deployed today.
Do you have any supporting links, references, or citations?
https://www.rfc-editor.org/rfc/rfc6962
Apple and Chrome CT policies both reference RFC 6962:
https://support.apple.com/en-us/103703
https://googlechrome.github.io/CertificateTransparency/log_policy.html
Do you have anything more you want to share?
No response
MDN metadata
Page report details
* Folder: `en-us/web/security/certificate_transparency` * MDN URL: https://developer.mozilla.org/en-US/docs/Web/Security/Certificate_Transparency * GitHub URL: https://github.com/mdn/content/blob/main/files/en-us/web/security/certificate_transparency/index.md * Last commit: https://github.com/mdn/content/commit/e03b13c7e157ec7b7bb02a6c7c4854b862195905 * Document last modified: 2024-07-30T04:48:57.000Z