OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_CERT_CT_POLICY_STATUS_H_ | 5 #ifndef NET_CERT_CT_POLICY_STATUS_H_ |
6 #define NET_CERT_CT_POLICY_STATUS_H_ | 6 #define NET_CERT_CT_POLICY_STATUS_H_ |
7 | 7 |
8 namespace net { | 8 namespace net { |
9 | 9 |
10 namespace ct { | 10 namespace ct { |
11 | 11 |
12 // Information about the connection's compliance with the CT | 12 // Information about the connection's compliance with the CT |
13 // certificate policy. | 13 // certificate policy. |
14 enum class CertPolicyCompliance { | 14 enum class CertPolicyCompliance { |
15 // The connection complied with the certificate policy by | 15 // The connection complied with the certificate policy by |
16 // including SCTs that satisfy the policy. | 16 // including SCTs that satisfy the policy. |
17 CERT_POLICY_COMPLIES_VIA_SCTS = 0, | 17 CERT_POLICY_COMPLIES_VIA_SCTS = 0, |
18 // The connection did not have enough SCTs to comply. | 18 // The connection did not have enough SCTs to comply. |
19 CERT_POLICY_NOT_ENOUGH_SCTS, | 19 CERT_POLICY_NOT_ENOUGH_SCTS, |
20 // The connection did not have diverse enough SCTs to comply. | 20 // The connection did not have diverse enough SCTs to comply. |
21 CERT_POLICY_NOT_DIVERSE_SCTS, | 21 CERT_POLICY_NOT_DIVERSE_SCTS, |
22 // The connection cannot be considered compliant because the build | 22 // The connection cannot be considered compliant because the build |
23 // isn't timely and therefore log information might be out of date | 23 // isn't timely and therefore log information might be out of date |
24 // (for example a log might no longer be considered trustworthy). | 24 // (for example a log might no longer be considered trustworthy). |
25 CERT_POLICY_BUILD_NOT_TIMELY, | 25 CERT_POLICY_BUILD_NOT_TIMELY, |
26 }; | 26 }; |
27 | 27 |
28 // Information about a connection's compliance with the CT EV | |
29 // certificate policy. | |
30 // This enum is histogrammed, so do not remove or reorder values. | |
31 enum class EVPolicyCompliance { | |
32 // The certificate was not EV, so the EV policy doesn't apply. | |
33 EV_POLICY_DOES_NOT_APPLY = 0, | |
34 // The connection complied with the EV certificate policy by being | |
35 // included on the EV whitelist. | |
36 EV_POLICY_COMPLIES_VIA_WHITELIST, | |
37 // The connection complied with the EV certificate policy by | |
38 // including SCTs that satisfy the policy. | |
39 EV_POLICY_COMPLIES_VIA_SCTS, | |
40 // The connection did not have enough SCTs to retain its EV | |
41 // status. | |
42 EV_POLICY_NOT_ENOUGH_SCTS, | |
43 // The connection did not have diverse enough SCTs to retain its | |
44 // EV status. | |
45 EV_POLICY_NOT_DIVERSE_SCTS, | |
46 // The connection cannot be considered compliant because the build | |
47 // isn't timely and therefore log information might be out of date | |
48 // (for example a log might no longer be considered trustworthy). | |
49 EV_POLICY_BUILD_NOT_TIMELY, | |
50 EV_POLICY_MAX, | |
51 }; | |
52 | |
53 } // namespace ct | 28 } // namespace ct |
54 | 29 |
55 } // namespace net | 30 } // namespace net |
56 | 31 |
57 #endif // NET_CERT_CT_POLICY_STATUS_H_ | 32 #endif // NET_CERT_CT_POLICY_STATUS_H_ |
OLD | NEW |