Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(496)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1405383003: IsSecureTLSCipherSuite should not classify DHE_RSA as secure. (Closed)

Created:
5 years, 2 months ago by davidben
Modified:
5 years, 1 month ago
Reviewers:
agl, felt, Ryan Sleevi
CC:
chromium-reviews, cbentzel+watch_chromium.org, lgarron
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

IsSecureTLSCipherSuite should not classify DHE_RSA as secure. This makes the requirements for 'modern' ECDHE + AEAD, rather than PFS + AEAD. Given that we'd been hoping to ditch DHE for a while, we should at least get it out of the modern bucket. The HTTP/2 requirements stay the same since those are snapshotted into the spec already. Though early data says that no one uses HTTP/2 with DHE_RSA, which is good for removal prospects. BUG=538690 Committed: https://crrev.com/2937efc4b3cd071db278cbbe3c47c67d8567ec74 Cr-Commit-Position: refs/heads/master@{#356000}

Patch Set 1 #

Total comments: 1
Unified diffs Side-by-side diffs Delta from patch set Stats (+64 lines, -20 lines) Patch
M net/socket/ssl_client_socket.cc View 1 chunk +1 line, -1 line 0 comments Download
M net/socket/ssl_client_socket_nss.cc View 1 chunk +1 line, -1 line 0 comments Download
M net/spdy/spdy_session.cc View 1 chunk +1 line, -1 line 0 comments Download
M net/ssl/ssl_cipher_suite_names.h View 1 chunk +5 lines, -5 lines 0 comments Download
M net/ssl/ssl_cipher_suite_names.cc View 2 chunks +4 lines, -4 lines 0 comments Download
M net/ssl/ssl_cipher_suite_names_unittest.cc View 1 chunk +52 lines, -8 lines 1 comment Download

Messages

Total messages: 17 (5 generated)
davidben
Just realized that the little descriptor in the UI is pretty inconsistent with what we ...
5 years, 2 months ago (2015-10-16 21:39:19 UTC) #2
Ryan Sleevi
lgtm
5 years, 2 months ago (2015-10-16 21:40:36 UTC) #3
davidben
felt: Since it looks like you'll be back next week, I'll wait for you to ...
5 years, 2 months ago (2015-10-16 21:54:30 UTC) #4
agl
lgtm
5 years, 2 months ago (2015-10-16 21:59:35 UTC) #5
davidben
felt: friendly ping
5 years, 1 month ago (2015-10-22 22:48:49 UTC) #6
felt
On 2015/10/22 22:48:49, davidben (OOO 10-21 to 10-23) wrote: > felt: friendly ping sorry for ...
5 years, 1 month ago (2015-10-25 03:15:03 UTC) #7
felt
+cc lgarron as fyi
5 years, 1 month ago (2015-10-25 03:16:00 UTC) #9
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1405383003/1 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1405383003/1
5 years, 1 month ago (2015-10-25 16:46:39 UTC) #11
commit-bot: I haz the power
Try jobs failed on following builders: linux_android_rel_ng on tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_android_rel_ng/builds/86656)
5 years, 1 month ago (2015-10-25 18:22:10 UTC) #13
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1405383003/1 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1405383003/1
5 years, 1 month ago (2015-10-25 20:16:26 UTC) #15
commit-bot: I haz the power
Committed patchset #1 (id:1)
5 years, 1 month ago (2015-10-26 00:56:26 UTC) #16
commit-bot: I haz the power
5 years, 1 month ago (2015-10-26 00:57:51 UTC) #17
Message was sent while issue was closed. 
Patchset 1 (id:??) landed as
https://crrev.com/2937efc4b3cd071db278cbbe3c47c67d8567ec74
Cr-Commit-Position: refs/heads/master@{#356000}

Powered by Google App Engine
This is Rietveld 408576698