Certificate Transparency: Per-profile CT verification

net/cert/ct_verifier.h

Index: net/cert/ct_verifier.h
diff --git a/net/cert/ct_verifier.h b/net/cert/ct_verifier.h
index 40631048ac32d21b41b5f220ee78e8c86f7aef4d..e2fa2740535dbd5e0debde49fb78717aa2195cc4 100644
--- a/net/cert/ct_verifier.h
+++ b/net/cert/ct_verifier.h
@@ -21,6 +21,7 @@ class CTLogVerifier;
 class X509Certificate;
 
 // Interface for verifying Signed Certificate Timestamps over a certificate.
+// The only known (non-test) implementation currently is MultiLogCTVerifier.
 class NET_EXPORT CTVerifier {
  public:
   class NET_EXPORT Observer {
@@ -30,6 +31,8 @@ class NET_EXPORT CTVerifier {
     // Signed Certificate Timestamp, |cert| is the certificate it applies to.
     // The certificate is needed to calculate the hash of the log entry,
     // necessary for checking inclusion in the log.
+    // Note: The observer may store the observed |cert| and |sct|, which are
+    // tied to a specific user profile, so it must be profile-specific.

[mmenke, 2015/11/20 17:23:58]

It's a layering violation for net/ to know about profiles...  So wait, this is
solely a (potential) property of the (Not yet written) Observers, and not the
MultiCTVerifier itself?

[Eran Messeri, 2015/11/23 12:34:38]

Correct - the observer implementation will live outside net/ (in
components/certificate_transparency)  and will be aware of profiles. Hopefully
that is sensible?
(Likely that the observer implementation will only get the URLRequestContext and
storage  path from the profile and will not be tightly coupled with code in
chrome/browser/profiles)

I have amended the documentation to reflect that.

     virtual void OnSCTVerified(X509Certificate* cert,
                                const ct::SignedCertificateTimestamp* sct) = 0;
   };