Remove the StartCom/WoSign whitelist

net/cert/cert_verify_proc_whitelist.h

-// Copyright (c) 2015 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef NET_CERT_CERT_VERIFY_PROC_WHITELIST_H_
-#define NET_CERT_CERT_VERIFY_PROC_WHITELIST_H_
-
-#include <stddef.h>
-#include <stdint.h>
-
-#include "base/strings/string_piece.h"
-#include "crypto/sha2.h"
-#include "net/base/hash_value.h"
-#include "net/base/net_export.h"
-
-namespace net {
-
-class X509Certificate;
-
-// Returns true if |cert| has been issued by a CA that is constrained from
-// issuing new certificates and |cert| is not within the whitelist of
-// existing certificates. Returns false if |cert| was issued by an
-// unconstrained CA or if it was in the whitelist for that
-// CA.
-// |cert| should be the verified certificate chain, with |public_key_hashes|
-// being the set of hashes of the SPKIs within the verified chain, and
-// |hostname| as the GURL-normalized hostname.
-bool NET_EXPORT_PRIVATE
-IsNonWhitelistedCertificate(const X509Certificate& cert,
-                            const HashValueVector& public_key_hashes,
-                            base::StringPiece hostname);
-
-// Returns true if |host| is in (or a subdomain of) a whitelisted host
-// in |graph|, which is a DAFSA constructed by
-// //net/tools/dafsa/make_dafsa.py that is |graph_length| bytes long.
-bool NET_EXPORT_PRIVATE IsWhitelistedHost(const unsigned char* graph,
-                                          size_t graph_length,
-                                          base::StringPiece host);
-
-}  // namespace net
-
-#endif  // NET_CERT_CERT_VERIFY_PROC_WHITELIST_H_