|
|
DescriptionHSTS preload list additions for Chrome 56.
BUG=
R=estark@chromium.org
TBR=palmer@chromium.org
Committed: https://chromium.googlesource.com/chromium/src/+/6f704bd822ebe8599498e5f27af401634f08fc38
Patch Set 1 #Patch Set 2 : Bulk entries and expect-* #
Created: 4 years, 1 month ago
(Patch set is too large to download)
Messages
Total messages: 21 (6 generated)
estark@chromium.org changed reviewers: + estark@chromium.org
Here are a couple Expect-CT/-Staple requests for M56: - ritter.vg and crypto.is for Expect-CT, reporting to the Google report uri - ritter.vg for Expect-Staple, with report-uri https://asac.casa/expectstaple.jsp (no includeSubdomains) - Dropbox wants to turn on Expect-CT with their own report uri, waiting to get the uri from them
On 2016/10/21 at 23:29:31, estark wrote: > Here are a couple Expect-CT/-Staple requests for M56: > > - ritter.vg and crypto.is for Expect-CT, reporting to the Google report uri > - ritter.vg for Expect-Staple, with report-uri https://asac.casa/expectstaple.jsp (no includeSubdomains) > - Dropbox wants to turn on Expect-CT with their own report uri, waiting to get the uri from them Thanks! 1) ritter.vg is not preloaded at all; do they want HSTS? 2) If any of these were requested via email, could you CC hstspreload@chromium.org on the thread for the record?
On 2016/10/21 23:29:31, estark wrote: > Here are a couple Expect-CT/-Staple requests for M56: > > - ritter.vg and crypto.is for Expect-CT, reporting to the Google report uri > - ritter.vg for Expect-Staple, with report-uri > https://asac.casa/expectstaple.jsp (no includeSubdomains) > - Dropbox wants to turn on Expect-CT with their own report uri, waiting to get > the uri from them Dropbox report-uri is http://log.getdropbox.com/log/expectct
On 2016/10/22 05:46:20, estark wrote: > On 2016/10/21 23:29:31, estark wrote: > > Here are a couple Expect-CT/-Staple requests for M56: > > > > - ritter.vg and crypto.is for Expect-CT, reporting to the Google report uri > > - ritter.vg for Expect-Staple, with report-uri > > https://asac.casa/expectstaple.jsp (no includeSubdomains) > > - Dropbox wants to turn on Expect-CT with their own report uri, waiting to get > > the uri from them > > Dropbox report-uri is http://log.getdropbox.com/log/expectct And that would be for www.dropbox.com
basket.namm@gmail.com changed reviewers: + basket.namm@gmail.com
Another request for M56, please: Expect-CT for googlegroups.com and www.googlegroups.com, reporting to https://clients3.google.com/ct_upload Thanks!
lgarron@chromium.org changed reviewers: - basket.namm@gmail.com
estark@, could you review?
FYI, the Dropbox expectct URL is http://; let me know if that's not intentional.
For the record I've made sure that all TransportSecurityStateTest.* unit tests pass, to avoid a repeat of https://crrev.com/2461313002 and https://crbug.com/660297.
> FYI, the Dropbox expectct URL is http://; let me know if that's not intentional. Good catch. I pinged Dev to check, but in the interest of getting this in before branch, I'd say preemptively change it to https, matching the Expect-Staple report uri. I would bet that that's what he intended to use. And if he did intend to use http, report-uri changes are small diffs so we can always change it and merge it back. On 2016/11/18 00:24:58, lgarron wrote: > For the record I've made sure that all TransportSecurityStateTest.* unit tests > pass, to avoid a repeat of https://crrev.com/2461313002 and > https://crbug.com/660297. I'd suggest running URLRequest* unit tests also, since there are hardcoded preload list report uris in url_request_unittest.cc too. (In fact, you might just want to run all of net_unittests, it doesn't take that long.)
lgtm % my previous comments
cc'ing Dev in case he happens to see this before my ping. Dev, did you want http:// or https:// for your Expect-CT report uri?
Description was changed from ========== HSTS preload list additions for Chrome 56. BUG= ========== to ========== HSTS preload list additions for Chrome 56. BUG= TBR=palmer@chromium.org ==========
Message was sent while issue was closed.
Description was changed from ========== HSTS preload list additions for Chrome 56. BUG= TBR=palmer@chromium.org ========== to ========== HSTS preload list additions for Chrome 56. BUG= R=estark@chromium.org TBR=palmer@chromium.org Committed: https://crrev.com/6f704bd822ebe8599498e5f27af401634f08fc38 Cr-Commit-Position: refs/heads/master@{#433018} ==========
Message was sent while issue was closed.
Patchset 2 (id:??) landed as https://crrev.com/6f704bd822ebe8599498e5f27af401634f08fc38 Cr-Commit-Position: refs/heads/master@{#433018}
Message was sent while issue was closed.
Description was changed from ========== HSTS preload list additions for Chrome 56. BUG= R=estark@chromium.org TBR=palmer@chromium.org Committed: https://crrev.com/6f704bd822ebe8599498e5f27af401634f08fc38 Cr-Commit-Position: refs/heads/master@{#433018} ========== to ========== HSTS preload list additions for Chrome 56. BUG= R=estark@chromium.org TBR=palmer@chromium.org Committed: https://chromium.googlesource.com/chromium/src/+/6f704bd822ebe8599498e5f27af4... ==========
Message was sent while issue was closed.
Committed patchset #2 (id:20001) manually as 6f704bd822ebe8599498e5f27af401634f08fc38 (presubmit successful).
Message was sent while issue was closed.
Ran URLRequest.* Also, log.getdropbox.com doesn't even respond over HTTP, so HTTPS sounds like the likely intention. |