chrome/app/generated_resources.grd

Index: chrome/app/generated_resources.grd
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd
index f2bd017eead31244feef9a9cbfc3689776daa912..0e6cc0f0afcdfe986bae6ec1aebafab57f834df7 100644
--- a/chrome/app/generated_resources.grd
+++ b/chrome/app/generated_resources.grd
@@ -15630,6 +15630,39 @@ After you create a new supervised user, you can manage their settings at any tim
           Your printer is ready.
         </message>
       </if>
+
+      <!-- Strings describing Chrome security policy for DevTools security panel -->
+      <message name="IDS_BROKEN_SHA1" desc="Summary phrase for a security problem where the site's certificate expires in 2017 or later and contains a SHA1 signature in the chain.">
+        SHA-1 Certificate
+      </message>
+      <message name="IDS_BROKEN_SHA1_DESCRIPTION" desc="Description of a security problem where the site's certificate expires in 2017 or later and contains a SHA1 signature in the chain.">
+        The certificate for this site expires in 2017 or later, and the certificate chain contains a certificate signed using SHA-1.
+      </message>
+      <message name="IDS_WARNING_SHA1" desc="Summary phrase for a security problem where the site's certificate expires in 2016 and contains a SHA1 signature in the chain.">
+        SHA-1 Certificate
+      </message>
+      <message name="IDS_WARNING_SHA1_DESCRIPTION" desc="Description of a security problem where the site's certificate expires in 2016 and contains a SHA1 signature in the chain.">
+        The certificate for this site expires in 2016, and the certificate chain contains a certificate signed using SHA-1.

[Peter Kasting, 2015/06/16 06:29:10]

Seems like from a user's perspective these first two could be combined into a
single "2016 or later" warning.

[estark, 2015/06/16 15:32:34]

2017-or-later and 2016 get different UI treatments; the former is a broken red
lock and the latter is a yellow badge (warning/dubious lock). And in terms of
the devtools security panel, the former becomes a "broken explanation"
(explanation for why we are showing a red lock), while the latter becomes a
"warning" explanation (explanation for why we are showing a yellow lock).

+      </message>
+      <message name="IDS_PASSIVE_MIXED_CONTENT" desc="Summary phrase of a security problem where the site displayed passive mixed content.">
+        Mixed Content
+      </message>
+      <message name="IDS_PASSIVE_MIXED_CONTENT_DESCRIPTION" desc="Description of a security problem where the site displayed passive mixed content.">
+        The site includes HTTP resources.
+      </message>
+      <message name="IDS_ACTIVE_MIXED_CONTENT" desc="Summary phrase for a security problem where site ran active mixed content.">
+        Mixed Content
+      </message>
+      <message name="IDS_ACTIVE_MIXED_CONTENT_DESCRIPTION" desc="Description of a security problem where site ran active mixed content.">
+        You have recently allowed insecure scripts to run on this site.
+      </message>
+      <message name="IDS_CERTIFICATE_CHAIN_ERROR" desc="Summary phrase for a security problem with the site's certificate.">
+        Certificate Error
+      </message>
+      <message name="IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT" desc="Description of a security problem with the site's certificate.">
+        There are issues with the site's certificate chain (<ph name="CERT_ERROR_DESCRIPTION">$1<ex>NET::ERR_CERT_AUTHORITY_INVALID</ex></ph>).

[Peter Kasting, 2015/06/16 06:29:10]

Nit: Wouldn't it be "net::"?

[estark, 2015/06/16 15:32:34]

Done.

(I thought these were all net::ErrorToString() outputs were all caps because I
saw them printed in all caps on SSL interstitials, but turns out it's just an
all-caps font.)

+      </message>
+
     </messages>
   </release>
 </grit>