%% You should probably cite rfc9163 instead of this I-D. @techreport{ietf-httpbis-expect-ct-08, number = {draft-ietf-httpbis-expect-ct-08}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-httpbis-expect-ct/08/}, author = {estark@google.com}, title = {{Expect-CT Extension for HTTP}}, pagetotal = 18, year = 2018, month = dec, day = 9, abstract = {This document defines a new HTTP header field named "Expect-CT", which allows web host operators to instruct user agents (UAs) to expect valid Signed Certificate Timestamps (SCTs) to be served on connections to these hosts. Expect-CT allows web host operators to discover misconfigurations in their Certificate Transparency (CT) deployments. Further, web host operators can use Expect-CT to ensure that if a UA that supports Expect-CT accepts a misissued certificate, that certificate will be discoverable in Certificate Transparency logs.}, }