Dela via


3.3.1.17 Per ServerCertificateMappingEntry

The server implements the following:

  • ServerName: A server name in the form of a DNS name, IPv4 address, or IPv6 address.

  • Certificate: An ASN.1 encoded X.509 certificate, sent by the client for the server to be authenticated when the server receives a connection attempt from the client over QUIC. The certificate MUST allow lookup using its thumbprint. Thumbprint is the SHA1 hash of the certificate.

  • AccessControlList: A list of AccessControlEntry entries. Each AccessControlEntry contains 2 tuples:

  • “allow” or “deny” value.

  • SHA256 hash of the certificate or Issuer name

  • RequireClientAuthentication: A Boolean that, if set, requires the client to authenticate itself to the server for a connection to be established over QUIC.

  • SkipClientCertificateAccessCheck: A Boolean that, if set, access check is not performed over AccessControlList entries.

  • AllowNamedPipe: A Boolean that, if set, indicates that opening named pipe is allowed.