Chromium Code Reviews Chromium Code Reviews
Issue 2448943004:
Add experimental feature info to certificate reports (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // This protobuffer is intended to store reports from Chrome users of | 5 // This protobuffer is intended to store reports from Chrome users of |
| 6 // certificate errors. A report will be sent from Chrome when it gets | 6 // certificate errors. A report will be sent from Chrome when it gets |
| 7 // e.g. a certificate for google.com that chains up to a root CA not expected by | 7 // e.g. a certificate for google.com that chains up to a root CA not expected by |
| 8 // Chrome for that origin, such as DigiNotar (compromised in July 2011), or | 8 // Chrome for that origin, such as DigiNotar (compromised in July 2011), or |
| 9 // other pinning errors such as a blacklisted cert in the chain, or | 9 // other pinning errors such as a blacklisted cert in the chain, or |
| 10 // (when opted in) other certificate validation errors like an expired | 10 // (when opted in) other certificate validation errors like an expired |
| (...skipping 26 matching lines...) Expand all Loading... | |
| 37 } | 37 } |
| 38 | 38 |
| 39 // The type of interstitial that was shown | 39 // The type of interstitial that was shown |
| 40 optional InterstitialReason interstitial_reason = 1; | 40 optional InterstitialReason interstitial_reason = 1; |
| 41 // True if the user clicked through to the offending website | 41 // True if the user clicked through to the offending website |
| 42 optional bool user_proceeded = 2; | 42 optional bool user_proceeded = 2; |
| 43 // True if the user was shown an option to click through | 43 // True if the user was shown an option to click through |
| 44 optional bool overridable = 3; | 44 optional bool overridable = 3; |
| 45 } | 45 } |
| 46 | 46 |
| 47 // Contains information about features that are enabled/disabled that | |
| 48 // might affect certificate validation. | |
| 49 message CertLoggerFeaturesInfo { | |
| 50 message NetworkTimeQueryingInfo { | |
| 51 // True if the network time querying feature is enabled. | |
| 52 optional bool network_time_queries_enabled = 1; | |
| 53 | |
| 54 // The experimental parameter controlling the behavior of network time | |
| 55 // queries (whether they happen on-demand when a certificate date error is | |
| 56 // encountered, in the background, or both). | |
| 57 enum NetworkTimeFetchBehavior { | |
| 58 NETWORK_TIME_FETCHES_UNKNOWN = 0; | |
| 59 NETWORK_TIME_FETCHES_BACKGROUND_ONLY = 1; | |
| 60 NETWORK_TIME_FETCHES_ON_DEMAND_ONLY = 2; | |
| 61 NETWORK_TIME_FETCHES_IN_BACKGROUND_AND_ON_DEMAND = 3; | |
| 62 } | |
| 63 optional NetworkTimeFetchBehavior network_time_query_behavior = 2; | |
| 64 } | |
| 65 | |
| 66 optional NetworkTimeQueryingInfo network_time_querying_info = 2; | |
|
battre (please use the other)
2016/11/11 21:32:08
Nit: = 1?
estark
2016/11/11 22:24:38
1 is assigned to |network_time_queries_enabled| on
| |
| 67 } | |
| 68 | |
| 47 message CertLoggerRequest { | 69 message CertLoggerRequest { |
| 48 // The hostname being accessed (required as the cert could be valid for | 70 // The hostname being accessed (required as the cert could be valid for |
| 49 // multiple hosts, e.g. a wildcard or a SubjectAltName. | 71 // multiple hosts, e.g. a wildcard or a SubjectAltName. |
| 50 required string hostname = 1; | 72 required string hostname = 1; |
| 51 // The certificate chain as a series of PEM-encoded certificates, including | 73 // The certificate chain as a series of PEM-encoded certificates, including |
| 52 // intermediates but not necessarily the root. | 74 // intermediates but not necessarily the root. |
| 53 required string cert_chain = 2; | 75 required string cert_chain = 2; |
| 54 // The time (in usec since the epoch) when the client attempted to access the | 76 // The time (in usec since the epoch) when the client attempted to access the |
| 55 // site generating the pinning error. | 77 // site generating the pinning error. |
| 56 required int64 time_usec = 3; | 78 required int64 time_usec = 3; |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 91 // series of PEM-encoded certificates. Can be different than | 113 // series of PEM-encoded certificates. Can be different than |
| 92 // |cert_chain|, which is the chain the client built during | 114 // |cert_chain|, which is the chain the client built during |
| 93 // verification. | 115 // verification. |
| 94 optional string unverified_cert_chain = 8; | 116 optional string unverified_cert_chain = 8; |
| 95 | 117 |
| 96 // True if the certificate was rooted at a standard CA root ,as opposed to a | 118 // True if the certificate was rooted at a standard CA root ,as opposed to a |
| 97 // user-installed root, but is only meaningful if the underlying certificate | 119 // user-installed root, but is only meaningful if the underlying certificate |
| 98 // validation library built a trusted chain (i.e. the Chrome net stack set the | 120 // validation library built a trusted chain (i.e. the Chrome net stack set the |
| 99 // error, not the library). | 121 // error, not the library). |
| 100 optional bool is_issued_by_known_root = 9; | 122 optional bool is_issued_by_known_root = 9; |
| 123 | |
| 124 // Information about features that were enabled or disabled for the | |
| 125 // user that might affect certificate validation. | |
| 126 optional CertLoggerFeaturesInfo features_info = 10; | |
| 101 }; | 127 }; |
| OLD | NEW |
