Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(60)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2927383002: Remove the StartCom/WoSign whitelist (Closed)

Created:
3 years, 6 months ago by Ryan Sleevi
Modified:
3 years, 6 months ago
Reviewers:
awhalley, davidben
CC:
chromium-reviews, cbentzel+watch_chromium.org, net-reviews_chromium.org, felt, asymmetric_chromium.org
Target Ref:
refs/heads/master
Project:
chromium
Visibility:
Public.

Description

Remove the StartCom/WoSign whitelist This fully removes trust in WoSign and StartCom, as announced at https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html BUG=731838 Review-Url: https://codereview.chromium.org/2927383002 Cr-Commit-Position: refs/heads/master@{#478768} Committed: https://chromium.googlesource.com/chromium/src/+/8c640b21a3e2c560e33a5a2f4b186b87fa40301b

Patch Set 1 #

Patch Set 2 : Remove EV and unneeded test files #

Total comments: 7

Patch Set 3 : Rebased #

Patch Set 4 : Fix BUILD.gn #

Patch Set 5 : Headers #

Unified diffs Side-by-side diffs Delta from patch set Stats (+37 lines, -4169 lines) Patch
M net/BUILD.gn View 1 2 3 6 chunks +0 lines, -22 lines 0 comments Download
M net/cert/cert_verify_proc.cc View 1 2 3 4 2 chunks +1 line, -7 lines 0 comments Download
M net/cert/cert_verify_proc_blacklist.inc View 7 chunks +31 lines, -3 lines 0 comments Download
D net/cert/cert_verify_proc_whitelist.h View 1 chunk +0 lines, -42 lines 0 comments Download
D net/cert/cert_verify_proc_whitelist.cc View 1 chunk +0 lines, -129 lines 0 comments Download
D net/cert/cert_verify_proc_whitelist_unittest.cc View 1 chunk +0 lines, -103 lines 0 comments Download
D net/cert/cert_verify_proc_whitelist_unittest1.gperf View 1 chunk +0 lines, -9 lines 0 comments Download
M net/cert/ev_root_ca_metadata.cc View 1 1 chunk +0 lines, -14 lines 0 comments Download
A + net/data/ssl/blacklist/4b22d5a6aec99f3cdb79aa5ec06838479cd5ecba7164f7f22dc1d65f63d85708.pem View 0 chunks +-1 lines, --1 lines 0 comments Download
A + net/data/ssl/blacklist/7d8ce822222b90c0b14342c7a8145d1f24351f4d1a1fe0edfd312ee73fb00149.pem View 0 chunks +-1 lines, --1 lines 0 comments Download
A + net/data/ssl/blacklist/8b45da1c06f791eb0cabf26be588f5fb23165c2e614bf885562d0dce50b29b02.pem View 0 chunks +-1 lines, --1 lines 0 comments Download
M net/data/ssl/blacklist/README.md View 1 chunk +13 lines, -0 lines 0 comments Download
A + net/data/ssl/blacklist/c766a9bef2d4071c863a31aa4920e813b2d198608cb7b7cfe21143b836df09ea.pem View 0 chunks +-1 lines, --1 lines 0 comments Download
A + net/data/ssl/blacklist/c7ba6567de93a798ae1faa791e712d378fae1f93c4397fea441bb7cbe6fd5995.pem View 0 chunks +-1 lines, --1 lines 0 comments Download
A + net/data/ssl/blacklist/d487a56f83b07482e85e963394c1ecc2c9e51d0903ee946b02c301581ed99e16.pem View 0 chunks +-1 lines, --1 lines 0 comments Download
A + net/data/ssl/blacklist/d6f034bd94aa233f0297eca4245b283973e447aa590f310c77f48fdf83112254.pem View 0 chunks +-1 lines, --1 lines 0 comments Download
A + net/data/ssl/blacklist/e17890ee09a3fbf4f48b9c414a17d637b7a50647e9bc752322727fcc1742a911.pem View 0 chunks +-1 lines, --1 lines 0 comments Download
M net/data/ssl/certificates/README View 1 1 chunk +0 lines, -5 lines 0 comments Download
D net/data/ssl/certificates/wosign_after_oct_21.pem View 1 1 chunk +0 lines, -39 lines 0 comments Download
D net/data/ssl/certificates/wosign_before_oct_21.pem View 1 1 chunk +0 lines, -48 lines 0 comments Download
D net/data/ssl/wosign/4b22d5a6aec99f3cdb79aa5ec06838479cd5ecba7164f7f22dc1d65f63d85708.pem View 1 chunk +0 lines, -120 lines 0 comments Download
D net/data/ssl/wosign/7d8ce822222b90c0b14342c7a8145d1f24351f4d1a1fe0edfd312ee73fb00149.pem View 1 chunk +0 lines, -84 lines 0 comments Download
D net/data/ssl/wosign/8b45da1c06f791eb0cabf26be588f5fb23165c2e614bf885562d0dce50b29b02.pem View 1 chunk +0 lines, -50 lines 0 comments Download
D net/data/ssl/wosign/BUILD.gn View 1 chunk +0 lines, -18 lines 0 comments Download
D net/data/ssl/wosign/README.md View 1 chunk +0 lines, -19 lines 0 comments Download
D net/data/ssl/wosign/c766a9bef2d4071c863a31aa4920e813b2d198608cb7b7cfe21143b836df09ea.pem View 1 chunk +0 lines, -148 lines 0 comments Download
D net/data/ssl/wosign/c7ba6567de93a798ae1faa791e712d378fae1f93c4397fea441bb7cbe6fd5995.pem View 1 chunk +0 lines, -118 lines 0 comments Download
D net/data/ssl/wosign/d487a56f83b07482e85e963394c1ecc2c9e51d0903ee946b02c301581ed99e16.pem View 1 chunk +0 lines, -78 lines 0 comments Download
D net/data/ssl/wosign/d6f034bd94aa233f0297eca4245b283973e447aa590f310c77f48fdf83112254.pem View 1 chunk +0 lines, -119 lines 0 comments Download
D net/data/ssl/wosign/e17890ee09a3fbf4f48b9c414a17d637b7a50647e9bc752322727fcc1742a911.pem View 1 chunk +0 lines, -146 lines 0 comments Download
D net/data/ssl/wosign/wosign_domains.gperf View 1 chunk +0 lines, -2856 lines 0 comments Download

Messages

Total messages: 29 (18 generated)
Ryan Sleevi
Andrew: For your review Adrienne: FYI
3 years, 6 months ago (2017-06-09 19:56:03 UTC) #2
awhalley
lgtm https://codereview.chromium.org/2927383002/diff/20001/net/cert/cert_verify_proc_blacklist.inc File net/cert/cert_verify_proc_blacklist.inc (right): https://codereview.chromium.org/2927383002/diff/20001/net/cert/cert_verify_proc_blacklist.inc#newcode22 net/cert/cert_verify_proc_blacklist.inc:22: // c7ba6567de93a798ae1faa791e712d378fae1f93c4397fea441bb7cbe6fd5995.pem Note to self: StartCom Certification Authority ...
3 years, 6 months ago (2017-06-12 18:31:29 UTC) #4
commit-bot: I haz the power
CQ is trying da patch. Follow status at: https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2927383002/20001
3 years, 6 months ago (2017-06-12 18:34:26 UTC) #6
commit-bot: I haz the power
Try jobs failed on following builders: android_cronet on master.tryserver.chromium.android (JOB_FAILED, https://build.chromium.org/p/tryserver.chromium.android/builders/android_cronet/builds/158166) mac_chromium_rel_ng on master.tryserver.chromium.mac (JOB_FAILED, ...
3 years, 6 months ago (2017-06-12 18:43:39 UTC) #8
commit-bot: I haz the power
CQ is trying da patch. Follow status at: https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2927383002/60001
3 years, 6 months ago (2017-06-12 18:52:06 UTC) #11
commit-bot: I haz the power
Try jobs failed on following builders: android_cronet on master.tryserver.chromium.android (JOB_FAILED, https://build.chromium.org/p/tryserver.chromium.android/builders/android_cronet/builds/158183) cast_shell_linux on master.tryserver.chromium.linux (JOB_FAILED, ...
3 years, 6 months ago (2017-06-12 19:02:36 UTC) #13
commit-bot: I haz the power
CQ is trying da patch. Follow status at: https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2927383002/80001
3 years, 6 months ago (2017-06-12 20:46:21 UTC) #20
Ryan Sleevi
davidben: For sanity checking the //net cleanup :)
3 years, 6 months ago (2017-06-12 20:47:58 UTC) #23
davidben
lgtm
3 years, 6 months ago (2017-06-12 21:07:57 UTC) #24
commit-bot: I haz the power
CQ is trying da patch. Follow status at: https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2927383002/80001
3 years, 6 months ago (2017-06-12 21:10:48 UTC) #26
commit-bot: I haz the power
3 years, 6 months ago (2017-06-12 21:17:50 UTC) #29
Message was sent while issue was closed. 
Committed patchset #5 (id:80001) as
https://chromium.googlesource.com/chromium/src/+/8c640b21a3e2c560e33a5a2f4b18...

Powered by Google App Engine
This is Rietveld 408576698