Make it a fatal SSL error when encountering certs signed with md[2,4], and interstitial md5

net/base/x509_certificate_win.cc

Index: net/base/x509_certificate_win.cc
diff --git a/net/base/x509_certificate_win.cc b/net/base/x509_certificate_win.cc
index 5c53a15bb55e39144d80d3fff9a6995a1a3074fa..e31504fa8c6e9b94ebc8e42802bcd610f393a957 100644
--- a/net/base/x509_certificate_win.cc
+++ b/net/base/x509_certificate_win.cc
@@ -799,14 +799,6 @@ int X509Certificate::VerifyInternal(const std::string& hostname,
   verify_result->cert_status |= MapCertChainErrorStatusToCertStatus(
       chain_context->TrustStatus.dwErrorStatus);
 
-  // Treat certificates signed using broken signature algorithms as invalid.
-  if (verify_result->has_md4)
-    verify_result->cert_status |= CERT_STATUS_INVALID;
-
-  // Flag certificates signed using weak signature algorithms.
-  if (verify_result->has_md2)
-    verify_result->cert_status |= CERT_STATUS_WEAK_SIGNATURE_ALGORITHM;

[wtc, 2011/10/24 22:36:42]

Why don't we preserve the use of CERT_STATUS_INVALID for
broken and CERT_STATUS_WEAK_SIGNATURE_ALGORITHM for
weak (but not broken) algorithms, and just move MD2 to
the broken category and add MD5 to the weak category?

[Ryan Sleevi, 2011/10/24 23:16:32]

How about a new error code? Is there any measurable cost of using one?

This goes back to the more/better diagnostics side - if/when people encounter
this message, or the interstitial, it seems useful to know why. Especially
if/when the MD5 kill-bit is turned on.

-
   // Flag certificates that have a Subject common name with a NULL character.
   if (CertSubjectCommonNameHasNull(cert_handle_))
     verify_result->cert_status |= CERT_STATUS_INVALID;