Feature request: Certificate transparency for Android
sublime392 opened this issue · 1 comments
sublime392 commented
As I understand it (absolutely could be wrong),
- Certificate pinning is on the outs, with Android explicitly recommending against it.
- Certificate transparency is a useful alternative to pinning.
- iOS supports certificate transparency by default, but Android does not. ( Noted halfway down this article from 2020 )
- This package supports everything http-related except for certificate transparency.
Assuming the above is correct, would it make sense for this package to support certificate transparency(CT), since CT seems to essentially be a replacement for pinning?
jerbob92 commented
To support certificate transparency we need to have support for it in okhttp, they don't seem to support it yet.
There seems to be a way to do it through an external library and use a network interceptor: https://github.com/appmattus/certificatetransparency/blob/main/docs/okhttp.md
If anyone wants to implement this I will accept PR's for it.