net/data/ssl/certificates/README - Issue 724543002: Reject certificates that are valid for too long.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/data/ssl/certificates/README

Issue 724543002: Reject certificates that are valid for too long. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: An irrepressibly felicitous string. Created 5 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « net/data/ssl/certificates/61_months_after_2012_07.pem ('k') | net/data/ssl/certificates/pre_br_validity_bad_121.pem » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/data/ssl/certificates/README

diff --git a/net/data/ssl/certificates/README b/net/data/ssl/certificates/README

index 5d1faf2602e93cac097843f2fd24e1b62a7401b7..fda6c5cf6c6e437041e9b44d5b2a5d1df8013d1e 100644

--- a/net/data/ssl/certificates/README

+++ b/net/data/ssl/certificates/README

@@ -70,6 +70,9 @@ unit tests.

- comodo.chain.pem : A certificate chain for www.comodo.com which should be

recognised as EV. Expires Jun 20 2015.

+-twitter-chain.pem : A certificate chain for twitter.com which should be

Ryan Sleevi 2015/01/26 20:10:57 nit: - twitter-chain (space in between)

palmer 2015/01/26 20:24:07 Done.

+valid. Expires May 9 2016.

===== Manually generated certificates

- client.p12 : A PKCS #12 file containing a client certificate and a private

key created for testing. The password is "12345".

@@ -129,8 +132,8 @@ unit tests.

- expired_cert.pem

- ok_cert.pem

- root_ca_cert.pem

- These certificates are the common certificates used by the Python test

- server for simulating HTTPS connections.

+ These certificates are the common certificates used by the Python test

+ server for simulating HTTPS connections.

- name_constraint_bad.pem

- name_constraint_good.pem

@@ -147,6 +150,23 @@ unit tests.

- punycodetest.pem : A test self-signed server certificate with punycode name.

The common name is "xn--wgv71a119e.com" (日本語.com)

+- 10_year_validity.pem

+- 11_year_validity.pem

+- 39_months_after_2015_04.pem

+- 40_months_after_2015_04.pem

+- 60_months_after_2012_07.pem

+- 61_months_after_2012_07.pem

+- pre_br_validity_bad_121.pem

+- pre_br_validity_bad_2020.pem

+- pre_br_validity_ok.pem

+- start_after_expiry.pem

+ Certs to test that the maximum validity durations set by the CA/Browser

+ Forum Baseline Requirements are enforced.

+- reject_intranet_hosts.pem

+ A certificate with a non-IANA delegated domain, which is rejected since a CA

+ cannot validate the applicant controls that domain.

===== From net/data/ssl/scripts/generate-weak-test-chains.sh

- 2048-rsa-root.pem

- {768-rsa,1024-rsa,2048-rsa,prime256v1-ecdsa}-intermediate.pem

@@ -252,5 +272,3 @@ unit tests.

containing the intermediate, which can be served via a URLRequestFilter.

aia-intermediate.der is stored in DER form for convenience, since that is

the form expected of certificates discovered via AIA.

« no previous file with comments | « net/data/ssl/certificates/61_months_after_2012_07.pem ('k') | net/data/ssl/certificates/pre_br_validity_bad_121.pem » ('j') | no next file with comments »