Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(185)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/ct_known_logs_static-inc.h

Issue 2108833005: Adds domain names for all qualified CT logs (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Slightly more documentation about DNS endpoints for logs Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/cert/ct_known_logs.cc ('k') | net/cert/ct_log_verifier.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/ct_known_logs_static-inc.h
diff --git a/net/cert/ct_known_logs_static-inc.h b/net/cert/ct_known_logs_static-inc.h
index 783db760eadc3b9785b5e0f7ffc76eddd6f847cf..a45de2fad05fd360cabbfdc664cd70880b65d33d 100644
--- a/net/cert/ct_known_logs_static-inc.h
+++ b/net/cert/ct_known_logs_static-inc.h
@@ -10,12 +10,19 @@ struct CTLogInfo {
// The user-friendly log name.
// Note: This will not be translated.
const char* const log_name;
- // The API endpoint for the log.
+ // The HTTPS API endpoint for the log.
// Note: Trailing slashes should be included.
const char* const log_url;
+ // The DNS API endpoint for the log.
+ // This is used as the parent domain for all queries about the log.
+ // If empty, CT DNS queries are not supported for the log. This will prevent
+ // retrieval of inclusion proofs over DNS for SCTs from the log.
+ // https://github.com/google/certificate-transparency-rfcs/blob/master/dns/draft-ct-over-dns.md.
+ const char* const log_dns_domain;
};
// The set of all presently-qualifying CT logs.
+// Google provides DNS frontends for all of the logs.
const CTLogInfo kCTLogList[] = {
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x7d\xa8\x4b\x12\x29\x80\xa3"
@@ -23,35 +30,40 @@ const CTLogInfo kCTLogList[] = {
"\x0c\xe8\x41\x46\xe8\x81\x01\x1b\x15\xe1\x4b\xf1\x1b\x62\xdd\x36\x0a"
"\x08\x18\xba\xed\x0b\x35\x84\xd0\x9e\x40\x3c\x2d\x9e\x9b\x82\x65\xbd"
"\x1f\x04\x10\x41\x4c\xa0",
- 91, "Google 'Pilot' log", "https://ct.googleapis.com/pilot/"},
+ 91, "Google 'Pilot' log", "https://ct.googleapis.com/pilot/",
+ "pilot.ct.googleapis.com"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xd7\xf4\xcc\x69\xb2\xe4\x0e"
"\x90\xa3\x8a\xea\x5a\x70\x09\x4f\xef\x13\x62\xd0\x8d\x49\x60\xff\x1b"
"\x40\x50\x07\x0c\x6d\x71\x86\xda\x25\x49\x8d\x65\xe1\x08\x0d\x47\x34"
"\x6b\xbd\x27\xbc\x96\x21\x3e\x34\xf5\x87\x76\x31\xb1\x7f\x1d\xc9\x85"
"\x3b\x0d\xf7\x1f\x3f\xe9",
- 91, "Google 'Aviator' log", "https://ct.googleapis.com/aviator/"},
+ 91, "Google 'Aviator' log", "https://ct.googleapis.com/aviator/",
+ "aviator.ct.googleapis.com"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x02\x46\xc5\xbe\x1b\xbb\x82"
"\x40\x16\xe8\xc1\xd2\xac\x19\x69\x13\x59\xf8\xf8\x70\x85\x46\x40\xb9"
"\x38\xb0\x23\x82\xa8\x64\x4c\x7f\xbf\xbb\x34\x9f\x4a\x5f\x28\x8a\xcf"
"\x19\xc4\x00\xf6\x36\x06\x93\x65\xed\x4c\xf5\xa9\x21\x62\x5a\xd8\x91"
"\xeb\x38\x24\x40\xac\xe8",
- 91, "DigiCert Log Server", "https://ct1.digicert-ct.com/log/"},
+ 91, "DigiCert Log Server", "https://ct1.digicert-ct.com/log/",
+ "digicert.ct.googleapis.com"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x20\x5b\x18\xc8\x3c\xc1\x8b"
"\xb3\x31\x08\x00\xbf\xa0\x90\x57\x2b\xb7\x47\x8c\x6f\xb5\x68\xb0\x8e"
"\x90\x78\xe9\xa0\x73\xea\x4f\x28\x21\x2e\x9c\xc0\xf4\x16\x1b\xaa\xf9"
"\xd5\xd7\xa9\x80\xc3\x4e\x2f\x52\x3c\x98\x01\x25\x46\x24\x25\x28\x23"
"\x77\x2d\x05\xc2\x40\x7a",
- 91, "Google 'Rocketeer' log", "https://ct.googleapis.com/rocketeer/"},
+ 91, "Google 'Rocketeer' log", "https://ct.googleapis.com/rocketeer/",
+ "rocketeer.ct.googleapis.com"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x96\xea\xac\x1c\x46\x0c\x1b"
"\x55\xdc\x0d\xfc\xb5\x94\x27\x46\x57\x42\x70\x3a\x69\x18\xe2\xbf\x3b"
"\xc4\xdb\xab\xa0\xf4\xb6\x6c\xc0\x53\x3f\x4d\x42\x10\x33\xf0\x58\x97"
"\x8f\x6b\xbe\x72\xf4\x2a\xec\x1c\x42\xaa\x03\x2f\x1a\x7e\x28\x35\x76"
"\x99\x08\x3d\x21\x14\x86",
- 91, "Symantec log", "https://ct.ws.symantec.com/"},
+ 91, "Symantec log", "https://ct.ws.symantec.com/",
+ "symantec.ct.googleapis.com"},
{"\x30\x82\x01\x22\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01"
"\x05\x00\x03\x82\x01\x0f\x00\x30\x82\x01\x0a\x02\x82\x01\x01\x00\xa2"
"\x5a\x48\x1f\x17\x52\x95\x35\xcb\xa3\x5b\x3a\x1f\x53\x82\x76\x94\xa3"
@@ -70,14 +82,16 @@ const CTLogInfo kCTLogList[] = {
"\x05\xbf\x5f\xae\x94\x97\xdb\x5f\x64\xd4\xee\x16\x8b\xa3\x84\x6c\x71"
"\x2b\xf1\xab\x7f\x5d\x0d\x32\xee\x04\xe2\x90\xec\x41\x9f\xfb\x39\xc1"
"\x02\x03\x01\x00\x01",
- 294, "Venafi log", "https://ctlog.api.venafi.com/"},
+ 294, "Venafi log", "https://ctlog.api.venafi.com/",
+ "venafi.ct.googleapis.com"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xea\x95\x9e\x02\xff\xee\xf1"
"\x33\x6d\x4b\x87\xbc\xcd\xfd\x19\x17\x62\xff\x94\xd3\xd0\x59\x07\x3f"
"\x02\x2d\x1c\x90\xfe\xc8\x47\x30\x3b\xf1\xdd\x0d\xb8\x11\x0c\x5d\x1d"
"\x86\xdd\xab\xd3\x2b\x46\x66\xfb\x6e\x65\xb7\x3b\xfd\x59\x68\xac\xdf"
"\xa6\xf8\xce\xd2\x18\x4d",
- 91, "Symantec 'Vega' log", "https://vega.ws.symantec.com/"},
+ 91, "Symantec 'Vega' log", "https://vega.ws.symantec.com/",
+ "symantec-vega.ct.googleapis.com"},
{"\x30\x82\x01\x22\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01"
"\x05\x00\x03\x82\x01\x0f\x00\x30\x82\x01\x0a\x02\x82\x01\x01\x00\xbf"
"\xb5\x08\x61\x9a\x29\x32\x04\xd3\x25\x63\xe9\xd8\x85\xe1\x86\xe0\x1f"
@@ -96,7 +110,8 @@ const CTLogInfo kCTLogList[] = {
"\x6f\xdf\x3c\x2c\x43\x57\xa1\x47\x0c\x91\x04\xf4\x75\x4d\xda\x89\x81"
"\xa4\x14\x06\x34\xb9\x98\xc3\xda\xf1\xfd\xed\x33\x36\xd3\x16\x2d\x35"
"\x02\x03\x01\x00\x01",
- 294, "CNNIC CT log", "https://ctserver.cnnic.cn/"}};
+ 294, "CNNIC CT log", "https://ctserver.cnnic.cn/",
+ "cnnic.ct.googleapis.com"}};
// Information related to previously-qualified, but now disqualified, CT
// logs.
@@ -123,7 +138,8 @@ const DisqualifiedCTLogInfo kDisqualifiedCTLogList[] = {
"\x11\xc4\x11\x17\xab\x5c\xcf\x0f\x74\xac\xb5\x97\x90\x93\x00\x5b\xb8"
"\xeb\xf7\x27\x3d\xd9\xb2\x0a\x81\x5f\x2f\x0d\x75\x38\x94\x37\x99\x1e"
"\xf6\x07\x76\xe0\xee\xbe",
- 91, "Izenpe log", "https://ct.izenpe.com/"},
+ 91, "Izenpe log", "https://ct.izenpe.com/",
+ "izenpe1.ct.googleapis.com"},
// 2016-05-30 00:00:00 UTC
base::TimeDelta::FromSeconds(1464566400),
},
@@ -136,7 +152,8 @@ const DisqualifiedCTLogInfo kDisqualifiedCTLogList[] = {
"\x8f\x01\x42\x0a\x7c\x98\x26\x27\xc1\xb5\xdd\x92\x93\xb0\xae\xf8\x9b"
"\x3d\x0c\xd8\x4c\x4e\x1d\xf9\x15\xfb\x47\x68\x7b\xba\x66\xb7\x25\x9c"
"\xd0\x4a\xc2\x66\xdb\x48",
- 91, "Certly.IO log", "https://log.certly.io/"},
+ 91, "Certly.IO log", "https://log.certly.io/",
+ "certly.ct.googleapis.com"},
// 2016-04-15 00:00:00 UTC
base::TimeDelta::FromSeconds(1460678400),
},
« no previous file with comments | « net/cert/ct_known_logs.cc ('k') | net/cert/ct_log_verifier.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698