For some applications, the client code may need information about the SSL/TLS negociation which is normally obtained from or with the TLS context.
Typically may be needed:
- the server certificate,
- the server public key,
- the validation status (client / server, with possibly the CA chain that validated them).
Since drakma uses various implementations for SSL/TLS, it would be nice if it provided an API to obtain the information that is available from the TLS context, notably:
- get-ssl-peer-certificate (generic function)
- get-ssl-verify-result (generic function)
(eg. see 11.8 in: https://franz.com/support/documentation/9.0/doc/socket.htm#ssl-1)
This issue is linked to #115
I would suggest to add two opaque objects in the result values of http-request one for the socket information, and one (optional) for this security information, with the reader API to query them.
For some applications, the client code may need information about the SSL/TLS negociation which is normally obtained from or with the TLS context.
Typically may be needed:
Since drakma uses various implementations for SSL/TLS, it would be nice if it provided an API to obtain the information that is available from the TLS context, notably:
(eg. see 11.8 in: https://franz.com/support/documentation/9.0/doc/socket.htm#ssl-1)
This issue is linked to #115
I would suggest to add two opaque objects in the result values of http-request one for the socket information, and one (optional) for this security information, with the reader API to query them.