Addition of Certificate Transparency details to Security panel of DevTools

third_party/WebKit/Source/devtools/protocol.json

Index: third_party/WebKit/Source/devtools/protocol.json
diff --git a/third_party/WebKit/Source/devtools/protocol.json b/third_party/WebKit/Source/devtools/protocol.json
index f2d5a6bcef3ef9d33f7c1d540f54d6e74e070cdc..360384dcd3382f500084f7b51e5ace6c256e70cc 100644
--- a/third_party/WebKit/Source/devtools/protocol.json
+++ b/third_party/WebKit/Source/devtools/protocol.json
@@ -1313,6 +1313,22 @@
                 ]
             },
             {
+                "id": "SignedCertificateTimestamp",
+                "type" : "object",
+                "description": "Details of a signed certificate timestamp (SCT).",
+                "properties": [
+	                { "name": "status", "type": "string", "description": "Validation status." },
+	                { "name": "origin", "type": "string", "description": "Origin." },
+	                { "name": "version", "type": "string", "description": "Version." },
+	                { "name": "logDescription", "type": "string", "description": "Log name / description." },
+	                { "name": "logId", "type": "string", "description": "Log ID." },
+	                { "name": "timestamp", "$ref": "Timestamp", "description": "Issuance date." },
+	                { "name": "hashAlgorithm", "type": "string", "description": "Hash algorithm." },
+	                { "name": "signatureAlgorithm", "type": "string", "description": "Signature algorithm." },
+	                { "name": "signatureData", "type": "string", "description": "Signature data" }
+                ]
+            },
+            {
                 "id": "SecurityDetails",

[pfeldman, 2016/05/23 16:53:43]

This seems like a lot to send per request. What is this used for? Is this
information specific to individual request?

[estark, 2016/05/27 17:14:10]

This information is specific to each request, though generally all requests to
the same origin would have the same SignedCertificateTimestamps. We want to
display it in the per-request view of the Security panel, similar to how you can
see the certificate information for each request today.

What do you think of doing this instead: InspectorResourceAgent could hold on to
the SignedCertificateTimestamps for each request id, and when the security panel
wants to display the SCTs for a request, it sends a command asking for them.
Kind of similar to how getResponseBody() works... I wonder if we should even
store the SCTs on NetworkResourcesData::ResourceData?

                 "type": "object",
                 "description": "Security details about a request.",
@@ -1322,7 +1338,8 @@
                     { "name": "cipher", "type": "string", "description": "Cipher name." },
                     { "name": "mac", "type": "string", "optional": true, "description": "TLS MAC. Note that AEAD ciphers do not have separate MACs." },
                     { "name": "certificateId", "$ref": "CertificateId", "description": "Certificate ID value." },
-                    { "name": "certificateValidationDetails", "$ref": "CertificateValidationDetails", "optional": true, "description": "Validation details for the request's certficate." }
+                    { "name": "certificateValidationDetails", "$ref": "CertificateValidationDetails", "optional": true, "description": "Validation details for the request's certficate." },
+                    { "name": "signedCertificateTimestampList", "type": "array", "items": { "$ref": "SignedCertificateTimestamp" }, "description": "List of signed certificate timestamps (SCTs)." }
                 ]
             },
             {