OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_CT_POLICY_STATUS_H | 5 #ifndef NET_CERT_CT_POLICY_STATUS_H |
6 #define NET_CERT_CT_POLICY_STATUS_H | 6 #define NET_CERT_CT_POLICY_STATUS_H |
7 | 7 |
8 namespace net { | 8 namespace net { |
9 | 9 |
10 namespace ct { | 10 namespace ct { |
11 | 11 |
| 12 // Information about the connection's compliance with the CT |
| 13 // certificate policy. |
| 14 enum class CertPolicyCompliance { |
| 15 // The connection complied with the certificate policy by |
| 16 // including SCTs that satisfy the policy. |
| 17 CERT_POLICY_COMPLIES_VIA_SCTS = 0, |
| 18 // The connection did not have enough SCTs to comply. |
| 19 CERT_POLICY_NOT_ENOUGH_SCTS, |
| 20 // The connection did not have diverse enough SCTs to comply. |
| 21 CERT_POLICY_NOT_DIVERSE_SCTS, |
| 22 // The connection cannot be considered compliant because the build |
| 23 // isn't timely and therefore log information might be out of date |
| 24 // (for example a log might no longer be considered trustworthy). |
| 25 CERT_POLICY_BUILD_NOT_TIMELY, |
| 26 }; |
| 27 |
12 // Information about a connection's compliance with the CT EV | 28 // Information about a connection's compliance with the CT EV |
13 // certificate policy. | 29 // certificate policy. |
| 30 // This enum is histogrammed, so do not remove or reorder values. |
14 enum class EVPolicyCompliance { | 31 enum class EVPolicyCompliance { |
15 // The certificate was not EV, so the EV policy doesn't apply. | 32 // The certificate was not EV, so the EV policy doesn't apply. |
16 EV_POLICY_DOES_NOT_APPLY, | 33 EV_POLICY_DOES_NOT_APPLY = 0, |
17 // The connection complied with the EV certificate policy by being | 34 // The connection complied with the EV certificate policy by being |
18 // included on the EV whitelist. | 35 // included on the EV whitelist. |
19 EV_POLICY_COMPLIES_VIA_WHITELIST, | 36 EV_POLICY_COMPLIES_VIA_WHITELIST, |
20 // The connection complied with the EV certificate policy by | 37 // The connection complied with the EV certificate policy by |
21 // including SCTs that satisfy the policy. | 38 // including SCTs that satisfy the policy. |
22 EV_POLICY_COMPLIES_VIA_SCTS, | 39 EV_POLICY_COMPLIES_VIA_SCTS, |
23 // The connection did not have enough SCTs to retain its EV | 40 // The connection did not have enough SCTs to retain its EV |
24 // status. | 41 // status. |
25 EV_POLICY_NOT_ENOUGH_SCTS, | 42 EV_POLICY_NOT_ENOUGH_SCTS, |
26 // The connection did not have diverse enough SCTs to retain its | 43 // The connection did not have diverse enough SCTs to retain its |
27 // EV status. | 44 // EV status. |
28 EV_POLICY_NOT_DIVERSE_SCTS, | 45 EV_POLICY_NOT_DIVERSE_SCTS, |
29 // The connection cannot be considered compliant because the build | 46 // The connection cannot be considered compliant because the build |
30 // isn't timely and therefore log information might be out of date | 47 // isn't timely and therefore log information might be out of date |
31 // (for example a log might no longer be considered trustworthy). | 48 // (for example a log might no longer be considered trustworthy). |
32 EV_POLICY_BUILD_NOT_TIMELY, | 49 EV_POLICY_BUILD_NOT_TIMELY, |
| 50 EV_POLICY_MAX, |
33 }; | 51 }; |
34 | 52 |
35 } // namespace ct | 53 } // namespace ct |
36 | 54 |
37 } // namespace net | 55 } // namespace net |
38 | 56 |
39 #endif // NET_CERT_CT_POLICY_STATUS_H | 57 #endif // NET_CERT_CT_POLICY_STATUS_H |
OLD | NEW |