third_party/tlslite/README.chromium - Issue 92443002: Extract Certificate Transparency SCTs from stapled OCSP responses

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/tlslite/README.chromium

Issue 92443002: Extract Certificate Transparency SCTs from stapled OCSP responses (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@extract_scts

Patch Set: rebase and wire extracted SCTs to the CT verifier Created 7 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 Name: tlslite	1 Name: tlslite

2 URL: http://trevp.net/tlslite/	2 URL: http://trevp.net/tlslite/

3 Version: 0.3.8	3 Version: 0.3.8

4 Security Critical: No	4 Security Critical: No

5 License: Public domain	5 License: Public domain

6	6

7 Local Modifications:	7 Local Modifications:

8	8

9 - patches/close_notify.patch: tlslite/TLSRecordLayer.py was changed to force	9 - patches/close_notify.patch: tlslite/TLSRecordLayer.py was changed to force

10 the socket to be closed when the SSL connection is closed. This is is	10 the socket to be closed when the SSL connection is closed. This is is

(...skipping 18 matching lines...) Expand all Loading...
29 Secure Transport library rejects an empty list and raises an SSL protocol	29 Secure Transport library rejects an empty list and raises an SSL protocol

30 error.	30 error.

31 - patches/parse_chain.patch: tlslite/X509CertChain.py and tlslite/X509.py were	31 - patches/parse_chain.patch: tlslite/X509CertChain.py and tlslite/X509.py were

32 updated to add a parseChain method, that can parse multiple certificates from	32 updated to add a parseChain method, that can parse multiple certificates from

33 a PEM string.	33 a PEM string.

34 - patches/tls_intolerant.patch: allow TLSLite to simulate a TLS-intolerant serve r.	34 - patches/tls_intolerant.patch: allow TLSLite to simulate a TLS-intolerant serve r.

35 - patches/channel_id.patch: add basic ChannelID support. (Signatures are not	35 - patches/channel_id.patch: add basic ChannelID support. (Signatures are not

36 checked.)	36 checked.)

37 - patches/signed_certificate_timestamps.patch: add support for sending Signed	37 - patches/signed_certificate_timestamps.patch: add support for sending Signed

38 Certificate Timestamps over a TLS extension.	38 Certificate Timestamps over a TLS extension.

	39 - patches/status_request.patch: add support for sending stapled OCSP responses.
	wtc 2013/12/03 01:18:06 Nit: can you combine this patch with the previous Nit: can you combine this patch with the previous patch? Ignore this suggestion if it's more work than it's worth. ekasper 2013/12/03 13:50:51 It's one 'git diff' but I don't think it makes sen Show quoted text On 2013/12/03 01:18:06, wtc wrote: > > Nit: can you combine this patch with the previous patch? > > Ignore this suggestion if it's more work than it's worth. It's one 'git diff' but I don't think it makes sense as OCSP stapling is functionally independent from CT, and useful without it. If tlslite were to get OCSP stapling support upstream then we could drop this patch but not the other one, etc.
OLD	NEW

« net/tools/testserver/minica.py ('K') | « net/tools/testserver/testserver.py ('k') | third_party/tlslite/patches/status_request.patch » ('j') | no next file with comments »