Enhanced TLS and X509 tests
Tasks
Some possibilities for enhanced TLS and X509 tests:
-
TLS: -
TLS fingerprinting? -
TLS anti-fingerprinting? -
Option to skip checking of certificates (allowing self-signed certs). This is now available through the --no-tls_verifyparameter.
-
-
X.509: -
Option to collect/save TLS certificates. -
Report if cert is self-signed or not. -
Test if cert is CA-validated. -
Test if cert name or SAN has a sauteed onion. -
SNI test: whether a different certificate is retrieved if a dummy hostname is provided.
-
Originally at #76