Remove obsolete SHA-1 UX elements

components/security_state/content/content_utils.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/security_state/content/content_utils.h"
 
 #include <string>
 #include <vector>
 
 #include "base/memory/ptr_util.h"
@@ skipping 213 matching lines @@
   // the page, and the embedder can choose to display HTTPS page as HTTP
   // if it wants to (for example, displaying deprecated crypto
   // algorithms with the same UI treatment as HTTP pages).
   security_style_explanations->scheme_is_cryptographic =
       security_info.scheme_is_cryptographic;
   if (!security_info.scheme_is_cryptographic) {
     return security_style;
   }
 
   if (security_info.sha1_deprecation_status ==
-      security_state::DEPRECATED_SHA1_MAJOR) {
+      security_state::DEPRECATED_SHA1) {
     security_style_explanations->broken_explanations.push_back(

[estark, 2017/01/05 16:18:42]

I might be getting myself confused, but I think this should be in
|unauthenticated_explanations| (that field is badly named... it should be
|neutral_explanations| or something) and should only be included if there is no
cert error.

Usually SHA1 will be treated as a cert error and I don't know if we need a
special explanation for it; it will be covered by the generic certificate error
explanation on line 283. (Or maybe we want a special SHA1 explanation on line
283 if SHA1 is the only certificate error.)

This path here should explain the case where the security level is neutral when
the policy is set, which is why I think it should be in
|unauthenticated_explanations| and only when SHA1 isn't being treated as a cert
error.

         content::SecurityStyleExplanation(
-            l10n_util::GetStringUTF8(IDS_MAJOR_SHA1),
-            l10n_util::GetStringUTF8(IDS_MAJOR_SHA1_DESCRIPTION),
-            !!security_info.certificate));
-  } else if (security_info.sha1_deprecation_status ==
-             security_state::DEPRECATED_SHA1_MINOR) {
-    security_style_explanations->unauthenticated_explanations.push_back(
-        content::SecurityStyleExplanation(
-            l10n_util::GetStringUTF8(IDS_MINOR_SHA1),
-            l10n_util::GetStringUTF8(IDS_MINOR_SHA1_DESCRIPTION),
+            l10n_util::GetStringUTF8(IDS_SHA1),
+            l10n_util::GetStringUTF8(IDS_SHA1_DESCRIPTION),
             !!security_info.certificate));
   }
 
   // Record the presence of mixed content (HTTP subresources on an HTTPS
   // page).
   security_style_explanations->ran_mixed_content =
       security_info.mixed_content_status ==
           security_state::CONTENT_STATUS_RAN ||
       security_info.mixed_content_status ==
           security_state::CONTENT_STATUS_DISPLAYED_AND_RAN;
@@ skipping 64 matching lines @@
     security_style_explanations->info_explanations.push_back(
         content::SecurityStyleExplanation(
             "Public-Key Pinning Bypassed",
             "Public-key pinning was bypassed by a local root certificate."));
   }
 
   return security_style;
 }
 
 }  // namespace security_state