Skip to content

SANVerifier

saq.sandwich.proto.api.v1.SANVerifier

Description

Subject Alternative Names verifier.

This verifier is used when a tunnel is created in Sandwich. It is responsible for verifying that the identity presented by the remote peer matches the expected identity.

This is commonly used to verify the server's name in a TLS connection and to prevent mallory-in-the-middle attacks.

message SANVerifier {
  // Entries of expected Subject Alternative Names.
  //
  // See [SANMatcher](SANMatcher.md).
  repeated SANMatcher alt_names = 1;
}

Fields

alt_names

Entries of expected Subject Alternative Names.

See SANMatcher.

repeated SANMatcher alt_names = 1;