
LibTLS: Add references to RFC5246 for the verify procedure

Michiel Visser 3 rokov pred
commit
331092d25a

+ 1 - 0
Userland/Libraries/LibTLS/HandshakeClient.cpp

@@ -179,6 +179,7 @@ void TLSv12::build_rsa_pre_master_secret(PacketBuilder& builder)
     }
     m_context.premaster_key = premaster_key_result.release_value();
 
+    // RFC5246 section 7.4.2: The sender's certificate MUST come first in the list.
     auto& certificate = m_context.certificates.first();
     if constexpr (TLS_DEBUG) {
         dbgln("PreMaster secret");
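Review bot: The added comment quotes a requirement on the sender, but at `m_context.certificates.first()` the list presumably comes from the peer's Certificate message, so the ordering is an assumption about untrusted input and nothing visible here checks it. I would word it to say so, for example `// RFC5246 section 7.4.2 requires the sender's certificate to be first; we rely on that here, and chain validation must confirm it before this key is trusted.` No emptiness check before `first()` is visible in this hunk, unlike the guard shown in `verify_rsa_server_key_exchange`. The function starts outside the hunk, so such a check may exist earlier and is worth confirming. The same wording applies to the identical comment added in HandshakeServer.cpp.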

+ 1 - 0
Userland/Libraries/LibTLS/HandshakeServer.cpp

@@ -359,6 +359,7 @@ ssize_t TLSv12::verify_rsa_server_key_exchange(ReadonlyBytes server_key_info_buf
         dbgln("verify_rsa_server_key_exchange failed: Attempting to verify signature without certificates");
         return (i8)Error::NotSafe;
     }
+    // RFC5246 section 7.4.2: The sender's certificate MUST come first in the list.
     auto certificate_public_key = m_context.certificates.first().public_key;
     Crypto::PK::RSAPrivateKey dummy_private_key;
     auto rsa = Crypto::PK::RSA(certificate_public_key, dummy_private_key);

+ 6 - 0
Userland/Libraries/LibTLS/TLSv12.cpp

@@ -233,6 +233,12 @@ bool Context::verify_chain(StringView host) const
         return false;
     }
 
+    // RFC5246 section 7.4.2: The sender's certificate MUST come first in the list. Each following certificate
+    // MUST directly certify the one preceding it. Because certificate validation requires that root keys be
+    // distributed independently, the self-signed certificate that specifies the root certificate authority MAY be
+    // omitted from the chain, under the assumption that the remote end must already possess it in order to validate
+    // it in any case.
+
     if (!host.is_empty()) {
         auto first_certificate = local_chain->first();
         auto subject_matches = certificate_subject_matches_host(first_certificate, host);
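Review bot: The new comment block restates what RFC 5246 obliges the sender to do, but does not say which of those properties `verify_chain` enforces, and the blank line after it detaches it from the code it explains. In the visible lines the subject check on `local_chain->first()` runs only when `host` is non-empty, so a caller passing an empty host gets no leaf-identity check. That deserves a sentence such as `// With an empty host the leaf's subject is not checked; callers must pass the expected host name to bind the chain to a peer.` Whether each later certificate is verified as the issuer of the one before it is outside this hunk. If it is, the comment should sit next to that loop and say the order is verified rather than assumed.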