| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_CERT_CT_POLICY_STATUS_H_ | 5 #ifndef NET_CERT_CT_POLICY_STATUS_H_ |
| 6 #define NET_CERT_CT_POLICY_STATUS_H_ | 6 #define NET_CERT_CT_POLICY_STATUS_H_ |
| 7 | 7 |
| 8 namespace net { | 8 namespace net { |
| 9 | 9 |
| 10 namespace ct { | 10 namespace ct { |
| 11 | 11 |
| 12 // Information about the connection's compliance with the CT | 12 // Information about the connection's compliance with the CT |
| 13 // certificate policy. | 13 // certificate policy. |
| 14 enum class CertPolicyCompliance { | 14 enum class CertPolicyCompliance { |
| 15 // The connection complied with the certificate policy by | 15 // The connection complied with the certificate policy by |
| 16 // including SCTs that satisfy the policy. | 16 // including SCTs that satisfy the policy. |
| 17 CERT_POLICY_COMPLIES_VIA_SCTS = 0, | 17 CERT_POLICY_COMPLIES_VIA_SCTS = 0, |
| 18 // The connection did not have enough SCTs to comply. | 18 // The connection did not have enough SCTs to comply. |
| 19 CERT_POLICY_NOT_ENOUGH_SCTS, | 19 CERT_POLICY_NOT_ENOUGH_SCTS, |
| 20 // The connection did not have diverse enough SCTs to comply. | 20 // The connection did not have diverse enough SCTs to comply. |
| 21 CERT_POLICY_NOT_DIVERSE_SCTS, | 21 CERT_POLICY_NOT_DIVERSE_SCTS, |
| 22 // The connection cannot be considered compliant because the build | 22 // The connection cannot be considered compliant because the build |
| 23 // isn't timely and therefore log information might be out of date | 23 // isn't timely and therefore log information might be out of date |
| 24 // (for example a log might no longer be considered trustworthy). | 24 // (for example a log might no longer be considered trustworthy). |
| 25 CERT_POLICY_BUILD_NOT_TIMELY, | 25 CERT_POLICY_BUILD_NOT_TIMELY, |
| 26 }; | 26 }; |
| 27 | 27 |
| 28 // Information about a connection's compliance with the CT EV | |
| 29 // certificate policy. | |
| 30 // This enum is histogrammed, so do not remove or reorder values. | |
| 31 enum class EVPolicyCompliance { | |
| 32 // The certificate was not EV, so the EV policy doesn't apply. | |
| 33 EV_POLICY_DOES_NOT_APPLY = 0, | |
| 34 // The connection complied with the EV certificate policy by being | |
| 35 // included on the EV whitelist. | |
| 36 EV_POLICY_COMPLIES_VIA_WHITELIST, | |
| 37 // The connection complied with the EV certificate policy by | |
| 38 // including SCTs that satisfy the policy. | |
| 39 EV_POLICY_COMPLIES_VIA_SCTS, | |
| 40 // The connection did not have enough SCTs to retain its EV | |
| 41 // status. | |
| 42 EV_POLICY_NOT_ENOUGH_SCTS, | |
| 43 // The connection did not have diverse enough SCTs to retain its | |
| 44 // EV status. | |
| 45 EV_POLICY_NOT_DIVERSE_SCTS, | |
| 46 // The connection cannot be considered compliant because the build | |
| 47 // isn't timely and therefore log information might be out of date | |
| 48 // (for example a log might no longer be considered trustworthy). | |
| 49 EV_POLICY_BUILD_NOT_TIMELY, | |
| 50 EV_POLICY_MAX, | |
| 51 }; | |
| 52 | |
| 53 } // namespace ct | 28 } // namespace ct |
| 54 | 29 |
| 55 } // namespace net | 30 } // namespace net |
| 56 | 31 |
| 57 #endif // NET_CERT_CT_POLICY_STATUS_H_ | 32 #endif // NET_CERT_CT_POLICY_STATUS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2937563002:
Remove the EV Certs Whitelist (Closed)
