TLS Extension

tls_extension

The TLS Extension object describes additional attributes that extend the base Transport Layer Security (TLS) object.

Contents

Attributes

Caption Name Type Is Array Default Description
Data data JSON The data contains information specific to the particular extension type.
Raw Data raw_data JSON The event data as received from the event source.
Record ID record_id String Unique identifier for the object
Type type String The TLS extension type. For example: Server Name.
Type ID type_id Integer 0 The TLS extension type identifier. See The Transport Layer Security (TLS) extension page.
0
server_name
1
maximum_fragment_length
5
status_request
10
supported_groups
13
signature_algorithms
14
use_srtp
15
heartbeat
16
application_layer_protocol_negotiation
18
signed_certificate_timestamp
19
client_certificate_type
20
server_certificate_type
21
padding
41
pre_shared_key
42
early_data
43
supported_versions
44
cookie
45
psk_key_exchange_modes
47
certificate_authorities
48
oid_filters
49
post_handshake_auth
50
signature_algorithms_cert
51
key_share
99
Other
Unmapped Data unmapped Unmapped The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source.

Context

TLS Extension

JSON

            
{
  "caption": "TLS Extension",
  "description": "The TLS Extension object describes additional attributes that extend the base Transport Layer Security (TLS) object.",
  "extends": "object",
  "name": "tls_extension",
  "attributes": {
    "data": {
      "description": "The data contains information specific to the particular extension type.",
      "requirement": "recommended",
      "caption": "Data",
      "type": "json_t"
    },
    "type": {
      "description": "The TLS extension type. For example: <code>Server Name</code>.",
      "requirement": "optional",
      "caption": "Type",
      "type": "string_t"
    },
    "type_id": {
      "description": "The TLS extension type identifier. See <a target='_blank' href='https://datatracker.ietf.org/doc/html/rfc8446#page-35'>The Transport Layer Security (TLS) extension page</a>.",
      "requirement": "required",
      "enum": {
        "0": {
          "caption": "server_name",
          "description": "The Server Name Indication extension."
        },
        "1": {
          "caption": "maximum_fragment_length",
          "description": "The Maximum Fragment Length Negotiation extension."
        },
        "5": {
          "caption": "status_request",
          "description": "The Certificate Status Request extension."
        },
        "10": {
          "caption": "supported_groups",
          "description": "The Supported Groups extension."
        },
        "13": {
          "caption": "signature_algorithms",
          "description": "The Signature Algorithms extension."
        },
        "14": {
          "caption": "use_srtp",
          "description": "The Use SRTP data protection extension."
        },
        "15": {
          "caption": "heartbeat",
          "description": "The Heartbeat extension."
        },
        "16": {
          "caption": "application_layer_protocol_negotiation",
          "description": "The Application-Layer Protocol Negotiation extension."
        },
        "18": {
          "caption": "signed_certificate_timestamp",
          "description": "The Signed Certificate Timestamp extension."
        },
        "19": {
          "caption": "client_certificate_type",
          "description": "The Client Certificate Type extension."
        },
        "20": {
          "caption": "server_certificate_type",
          "description": "The Server Certificate Type extension."
        },
        "21": {
          "caption": "padding",
          "description": "The Padding extension."
        },
        "41": {
          "caption": "pre_shared_key",
          "description": "The Pre Shared Key extension."
        },
        "42": {
          "caption": "early_data",
          "description": "The Early Data extension."
        },
        "43": {
          "caption": "supported_versions",
          "description": "The Supported Versions extension."
        },
        "44": {
          "caption": "cookie",
          "description": "The Cookie extension."
        },
        "45": {
          "caption": "psk_key_exchange_modes",
          "description": "The Pre-Shared Key Exchange Modes extension."
        },
        "47": {
          "caption": "certificate_authorities",
          "description": "The Certificate Authorities extension."
        },
        "48": {
          "caption": "oid_filters",
          "description": "The OID Filters extension."
        },
        "49": {
          "caption": "post_handshake_auth",
          "description": "The Post-Handshake Client Authentication extension."
        },
        "50": {
          "caption": "signature_algorithms_cert",
          "description": "The Signature Algorithms extension."
        },
        "51": {
          "caption": "key_share",
          "description": "The Key Share extension."
        },
        "99": {
          "caption": "Other",
          "description": "The type is not mapped. See the <code>type</code> attribute, which contains a data source specific value."
        }
      },
      "caption": "Type ID",
      "sibling": "type",
      "type": "integer_t",
      "default": 0
    },
    "raw_data": {
      "group": "context",
      "caption": "Raw Data",
      "description": "The event data as received from the event source.",
      "type": "json_t"
    },
    "record_id": {
      "description": "Unique identifier for the object",
      "group": "primary",
      "requirement": "required",
      "caption": "Record ID",
      "type": "string_t"
    },
    "unmapped": {
      "caption": "Unmapped Data",
      "description": "The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source.",
      "type": "unmapped",
      "is_array": true
    }
  }
}