TODO: Support Authority Information Access certificate extension (AIA)

Closes #2793
author: Daniel Stenberg <daniel@haxx.se> 2018-07-28 23:26:42 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2018-07-28 23:26:42 +0200
commit: 1fb8048abb25c211116bb147e2d80e25e47fd1cc (patch)
tree: a0dede127e4c093359c8a14ae5e0273f9124c470 /docs/TODO
parent: 10061f475e7251d66dd6e76f18c8643381b58965 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/docs/TODO b/docs/TODO
index 269c93006..ec673f461 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -113,6 +113,7 @@
  13.7 improve configure --with-ssl
  13.8 Support DANE
  13.9 Configurable loading of OpenSSL configuration file
+ 13.10 Support Authority Information Access certificate extension (AIA)
  13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
  13.12 Support HSTS
  13.13 Support HPKP
@@ -779,6 +780,17 @@ that doesn't exist on the server, just like --ftp-create-dirs.
 
  See https://github.com/curl/curl/issues/2724
 
+13.10 Support Authority Information Access certificate extension (AIA)
+
+ AIA can provide various things like CRLs but more importantly information
+ about intermediate CA certificates that can allow validation path to be
+ fullfilled when the HTTPS server doesn't itself provide them.
+
+ Since AIA is about downloading certs on demand to complete a TLS handshake,
+ it is probably a bit tricky to get done right.
+
+ See https://github.com/curl/curl/issues/2793
+
 13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
 
  CURLOPT_PINNEDPUBLICKEY does not consider the hashes of intermediate & root
author	Daniel Stenberg <daniel@haxx.se>	2018-07-28 23:26:42 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2018-07-28 23:26:42 +0200
commit	1fb8048abb25c211116bb147e2d80e25e47fd1cc (patch)
tree	a0dede127e4c093359c8a14ae5e0273f9124c470 /docs/TODO
parent	10061f475e7251d66dd6e76f18c8643381b58965 (diff)