Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
2510633003:
Add an escape hatch for the ECDSA CBC cipher removal. (Closed)
|
Created:
4 years, 1 month ago by davidben Modified:
4 years, 1 month ago Reviewers:
Ryan Sleevi CC:
chromium-reviews, cbentzel+watch_chromium.org Target Ref:
refs/pending/heads/master Project:
chromium Visibility:
Public. |
DescriptionAdd an escape hatch for the ECDSA CBC cipher removal.
There are enough things going into Chrome 56 that this should have an
feature to restore the ciphers, should things go south.
BUG=658341
Committed: https://crrev.com/d406cdbcf3fac9986aae1f9aee48a2d902025e6e
Cr-Commit-Position: refs/heads/master@{#432813}
Patch Set 1 #
Total comments: 2
Patch Set 2 : add bug link #Messages
Total messages: 18 (10 generated)
The CQ bit was checked by davidben@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
davidben@chromium.org changed reviewers: + rsleevi@chromium.org
Description was changed from ========== Add an escape hatch for the ECDSA CBC cipher removal. There are enough things going into Chrome 56, that this should have an feature to restore the ciphers, should things go south. BUG=658341 ========== to ========== Add an escape hatch for the ECDSA CBC cipher removal. There are enough things going into Chrome 56 that this should have an feature to restore the ciphers, should things go south. BUG=658341 ==========
lgtm https://codereview.chromium.org/2510633003/diff/1/net/socket/ssl_client_socke... File net/socket/ssl_client_socket_impl.cc (right): https://codereview.chromium.org/2510633003/diff/1/net/socket/ssl_client_socke... net/socket/ssl_client_socket_impl.cc:225: // TODO(davidben): Remove this after the ECDSA CBC removal sticks. File a crbug? :) Also: In addition to not working on nacl, this won't work for Chromium. Is that a concern? Or not?
https://codereview.chromium.org/2510633003/diff/1/net/socket/ssl_client_socke... File net/socket/ssl_client_socket_impl.cc (right): https://codereview.chromium.org/2510633003/diff/1/net/socket/ssl_client_socke... net/socket/ssl_client_socket_impl.cc:225: // TODO(davidben): Remove this after the ECDSA CBC removal sticks. On 2016/11/17 04:06:28, Ryan Sleevi (at IETF til 11-20 wrote: > File a crbug? :) Done. > Also: In addition to not working on nacl, this won't work for Chromium. Is that > a concern? Or not? I think that's fine. This is the sort of thing where recovering from the problem on the server (deploy AEAD ciphers) is pretty straightforward and desirable anyway. This is just in case the volume is higher than expected and we need to roll back. Otherwise we'll end up with these kinds of removals not affecting Chromium.
The CQ bit was checked by davidben@chromium.org
The patchset sent to the CQ was uploaded after l-g-t-m from rsleevi@chromium.org Link to the patchset: https://codereview.chromium.org/2510633003/#ps20001 (title: "add bug link")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Try jobs failed on following builders: linux_chromium_chromeos_rel_ng on master.tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_...)
The CQ bit was checked by davidben@chromium.org
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Message was sent while issue was closed.
Description was changed from ========== Add an escape hatch for the ECDSA CBC cipher removal. There are enough things going into Chrome 56 that this should have an feature to restore the ciphers, should things go south. BUG=658341 ========== to ========== Add an escape hatch for the ECDSA CBC cipher removal. There are enough things going into Chrome 56 that this should have an feature to restore the ciphers, should things go south. BUG=658341 ==========
Message was sent while issue was closed.
Committed patchset #2 (id:20001)
Message was sent while issue was closed.
Description was changed from ========== Add an escape hatch for the ECDSA CBC cipher removal. There are enough things going into Chrome 56 that this should have an feature to restore the ciphers, should things go south. BUG=658341 ========== to ========== Add an escape hatch for the ECDSA CBC cipher removal. There are enough things going into Chrome 56 that this should have an feature to restore the ciphers, should things go south. BUG=658341 Committed: https://crrev.com/d406cdbcf3fac9986aae1f9aee48a2d902025e6e Cr-Commit-Position: refs/heads/master@{#432813} ==========
Message was sent while issue was closed.
Patchset 2 (id:??) landed as https://crrev.com/d406cdbcf3fac9986aae1f9aee48a2d902025e6e Cr-Commit-Position: refs/heads/master@{#432813} |
