| Index: net/data/ssl/wosign/README.md
|
| diff --git a/net/data/ssl/wosign/README.md b/net/data/ssl/wosign/README.md
|
| deleted file mode 100644
|
| index 2c53dafbdf1d9cc21f3debbd9b06f6b99bc52c15..0000000000000000000000000000000000000000
|
| --- a/net/data/ssl/wosign/README.md
|
| +++ /dev/null
|
| @@ -1,19 +0,0 @@
|
| -# WoSign Certificates
|
| -
|
| -This directory contains the set of known active and legacy root certificates
|
| -operated by WoSign CA Limited, including those of its wholly owned subisiary
|
| -StartCom.
|
| -
|
| -Trust in these root certificates is being phased out, as described at
|
| -<https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html>
|
| -
|
| -## Roots
|
| -
|
| -The files in this directory are organized by the SHA-256 hash of the
|
| -certificate file, while the policies are based on the SHA-256 hash of
|
| -the subjectPublicKeyInfo contained within the certificate.
|
| -
|
| -The following command can be used to extract the key hashes:
|
| -
|
| -`` for f in *.pem; do openssl x509 -noout -pubkey -in "${f}" | openssl asn1parse -inform pem -out /tmp/pubkey.out -noout; digest=`cat /tmp/pubkey.out | openssl dgst -sha256 -c | sed s/:/,0x/g `; echo "0x${digest} ${f##*/}"; done | sort ``
|
| -
|
|
|
Chromium Code Reviews
Issue 2927383002:
Remove the StartCom/WoSign whitelist (Closed)
