Detect if duplicate certificates exist in certificate chain

Question

Detect if duplicate certificates exist in certificate chain

april opened this issue 6 years ago · 0 comments

I've run into a number of sites that include multiple copies of the leaf certificate in the certificate_list. As near as I can tell, this doesn't cause issues with modern clients, but it still increases the size of the handshake and is in violation of the RFC.

It would be nice if the TLS Observatory would at least produce a warning in this case.