| Index: chrome/browser/chromeos/settings/session_manager_operation.cc
|
| diff --git a/chrome/browser/chromeos/settings/session_manager_operation.cc b/chrome/browser/chromeos/settings/session_manager_operation.cc
|
| index ed847589209fa0736305c5404076c0db125bdf0a..4674d03f2f9300350037ff6927924b597d137ed0 100644
|
| --- a/chrome/browser/chromeos/settings/session_manager_operation.cc
|
| +++ b/chrome/browser/chromeos/settings/session_manager_operation.cc
|
| @@ -171,17 +171,7 @@ void SessionManagerOperation::ValidateDeviceSettings(
|
|
|
| if (cloud_validations_) {
|
| // Policy auto-generated by session manager doesn't include a timestamp, so
|
| - // the timestamp shouldn't be verified in that case.
|
| - //
|
| - // Additionally, offline devices can get their clock set backwards in time
|
| - // under some hardware conditions; checking the timestamp now could likely
|
| - // find a value in the future, and prevent the user from signing-in or
|
| - // starting guest mode. Tlsdate will eventually fix the clock when the
|
| - // device is back online, but the network configuration may come from device
|
| - // ONC.
|
| - //
|
| - // To prevent all of these issues the timestamp is just not verified when
|
| - // loading the device policy from session manager. Note that the timestamp
|
| + // the timestamp shouldn't be verified in that case. Note that the timestamp
|
| // is still verified during enrollment and when a new policy is fetched from
|
| // the server.
|
| //
|
|
|
Chromium Code Reviews
Issue 2820063005:
Remove the "not_after" validation of policy timestamps (Closed)
