Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(74)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/base/net_log_event_type_list.h

Issue 86503002: Certificate Transparency: Logging SCTs to the NetLog. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Addressing review comments Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | net/cert/ct_signed_certificate_timestamp_log_param.h » ('j') | net/cert/ct_signed_certificate_timestamp_log_param.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/base/net_log_event_type_list.h
diff --git a/net/base/net_log_event_type_list.h b/net/base/net_log_event_type_list.h
index f31bccae3656a6b07a77054f779b16d8c7dd63b9..b57fa3b0eccd538e9212958766a7dfa7eb8f0207 100644
--- a/net/base/net_log_event_type_list.h
+++ b/net/base/net_log_event_type_list.h
@@ -558,6 +558,38 @@ EVENT_TYPE(SOCKET_WRITE_ERROR)
// }
EVENT_TYPE(SSL_CERTIFICATES_RECEIVED)
+// Signed Certificate Timestamps were received from the server.
+// The following parameters are attached to the event:
+// {
+// "embedded_scts": Base64-encoded SignedCertificateTimestampList,
+// "scts_from_ocsp_response": Base64-encoded SignedCertificateTimestampList,
+// "scts_from_tls_extension": Base64-encoded SignedCertificateTimestampList,
+// }
+//
+// The SignedCertificateTimestampList is defined in RFC6962 and is exactly as
+// received from the server.
+EVENT_TYPE(SSL_SIGNED_CERTIFICATE_TIMESTAMPS_RECEIVED)
wtc 2013/11/27 16:00:58 Consider using "CT_" instead of "SSL_" for these e
eroman 2013/11/27 20:39:55 I actually like the name SSL_* here, as it is cons
Eran M. (Google) 2013/11/27 22:08:50 Dropped the SSL_ prefix. This should satisfy both
+
+// Signed Certificate Timestamps were checked.
+// The following parameters are attached to the event:
+// {
+// "verified_scts": <A list of SCTs>,
+// "failed_to_verify_scts": <A list of SCTs>,
+// "scts_from_unknown_logs": <A list of SCTs>,
+// }
+//
+// Where each SCT is an object:
+// {
+// "origin": <one of: embedded_in_certificate, tls_extension, ocsp>,
+// "version": <numeric version>,
+// "log_id": <base64-encoded log id>,
+// "timestamp": <numeric timestamp in milliseconds since epoch>,
wtc 2013/11/27 16:00:58 Nit: epoch => the Unix epoch
Eran M. (Google) 2013/11/27 22:08:50 Done.
+// "hash_algorithm": <numeric indicator of hash algorithm>,
+// "signature_algorithm": <numeric indicator of signature algorithm>,
wtc 2013/11/27 16:00:58 It may be worthwhile to convert the algorithm numb
Eran M. (Google) 2013/11/27 22:08:50 Done - outputting the names now.
+// "signature_data": <base64-encoded signature bytes>,
+// }
+EVENT_TYPE(SSL_SIGNED_CERTIFICATE_TIMESTAMPS_CHECKED)
+
// ------------------------------------------------------------------------
// DatagramSocket
// ------------------------------------------------------------------------
« no previous file with comments | « no previous file | net/cert/ct_signed_certificate_timestamp_log_param.h » ('j') | net/cert/ct_signed_certificate_timestamp_log_param.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698