chrome/app/policy/policy_templates.json - Issue 13132004: Implement Enterprise Key API.

Unified Diff: chrome/app/policy/policy_templates.json

Issue 13132004: Implement Enterprise Key API. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 7 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « no previous file | chrome/browser/chromeos/settings/cros_settings_names.h » ('j') | chrome/browser/extensions/api/enterprise_platform_keys_private/enterprise_platform_keys_private_api.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/app/policy/policy_templates.json

diff --git a/chrome/app/policy/policy_templates.json b/chrome/app/policy/policy_templates.json

index b1ea37a29ee1f73df85907abd008cc44f5b82456..6271500f067551a8b6a3dd8280639cc58c71c731 100644

--- a/chrome/app/policy/policy_templates.json

+++ b/chrome/app/policy/policy_templates.json

@@ -112,7 +112,7 @@

# persistent IDs for all fields (but not for groups!) are needed. These are

# specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs,

# because doing so would break the deployed wire format!

-# For your editing convenience: highest ID currently used: 198

+# For your editing convenience: highest ID currently used: 200

# Placeholders:

# The following placeholder strings are automatically substituted:

@@ -4500,6 +4500,45 @@

If not specified, will not modify the Variations seed URL.''',

+ {

+ 'name': 'Attestation',

+ 'type': 'group',

+ 'caption': 'Remote Attestation',

+ 'desc': 'Configure the remote attestation with TPM mechanism.',

+ 'policies': [

+ {

+ 'name': 'AttestationEnabledForUser',

+ 'type': 'main',

+ 'schema': { 'type': 'boolean' },

+ 'supported_on': ['chrome_os:28-'],

+ 'features': {

+ 'dynamic_refresh': True,

+ 'per_profile': True,

+ },

+ 'example_value': True,

+ 'id': 199,

+ 'caption': '''Enable remote attestation for the user.''',

+ 'desc': '''If true, the user can use the hardware on Chrome devices to remote attest its identity to the privacy CA via the Enterprise Platform Keys API chrome.enterprise.platformKeysPrivate.challengeUserKey(). If it is set to false, or if it is not set, calls to the API will be rejected.''',

Mattias Nissler (ping if slow) 2013/04/17 08:09:09 suggestion: "fail with an error code" instead of "

davidyu 2013/04/17 08:24:19 Done.

+ },

+ {

+ 'name': 'AttestationExtensionWhitelist',

+ 'type': 'list',

+ 'schema': {

+ 'type': 'array',

+ 'items': { 'type': 'string' },

+ },

+ 'supported_on': ['chrome_os:28-'],

+ 'features': {

+ 'dynamic_refresh': True,

+ 'per_profile': True,

+ },

+ 'example_value': ['ghdilpkmfbfdnomkmaiogjhjnggaggoi'],

+ 'id': 200,

+ 'caption': '''Extensions allowed to to use the remote attestation API.''',

+ 'desc': '''This policy specifies the allowed extensions to use Enterprise Platform Keys API chrome.enterprise.platformKeysPrivate.challengeUserKey() for remote attestation. Extensions must be added to this list to use the API. If an extension is not in the list, or the list is not set, the call to the API will be rejected.''',

Mattias Nissler (ping if slow) 2013/04/17 08:09:09 ditto

davidyu 2013/04/17 08:24:19 Done.

+ },

+ ],

+ },

'messages': {

# Messages that are not associated to any policies.