mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
gecko-dev/security/certverifier
История
J.C. Jones c1babbf4e1 Bug 1437754 - Add a pref and disable the Symantec distrust algorithm r=keeler 
This adds the pref "security.pki.distrust_ca_policy" which, if set to 1,
enforces the graduated distrust from Bug 1409257, and if set to 0 (as it is in
this patch) disables that distrust.

This pref is intended to outlast the Symantec distrust, and instead be able to
extend to enable/disable future root policy actions. It would need its own
tests for that, in the future.

MozReview-Commit-ID: BAZfkapysfX

--HG--
extra : rebase_source : 02b00aa486e9f8efb81b32d38d80db5cae86bc6e
 		2018-02-27 16:04:51 -07:00
..
tests/gtest Bug 1440029 - Add a test for TrustOverrideUtils.h r=keeler 2018-02-21 16:54:52 -05:00
BRNameMatchingPolicy.cpp
BRNameMatchingPolicy.h
BTInclusionProof.h Bug 1343202 - Utility function for decoding an InclusionProof structure; r=ckerschb,keeler 2017-08-18 09:50:49 +02:00
BTVerifier.cpp Bug 1343202 - Utility function for decoding an InclusionProof structure; r=ckerschb,keeler 2017-08-18 09:50:49 +02:00
BTVerifier.h Bug 1343202 - Utility function for decoding an InclusionProof structure; r=ckerschb,keeler 2017-08-18 09:50:49 +02:00
Buffer.cpp Bug 1343202 - Move Buffer definition into its own file; r=keeler,rbarnes 2017-08-17 09:23:29 +02:00
Buffer.h Bug 1343202 - Move Buffer definition into its own file; r=keeler,rbarnes 2017-08-17 09:23:29 +02:00
CTDiversityPolicy.cpp
CTDiversityPolicy.h
CTKnownLogs.h bug 1349312 - part 1/2: patch CT implementation to include debug-only test logs r=Cykesiopka,jcj 2017-04-19 14:02:26 -07:00
CTLog.h
CTLogVerifier.cpp bug 1357226 - work around a library inefficiency with EC keys when verifying ECDSA signatures r=fkiefer,jcj 2017-04-11 14:11:28 -07:00
CTLogVerifier.h bug 1357226 - work around a library inefficiency with EC keys when verifying ECDSA signatures r=fkiefer,jcj 2017-04-11 14:11:28 -07:00
CTObjectsExtractor.cpp
CTObjectsExtractor.h
CTPolicyEnforcer.cpp
CTPolicyEnforcer.h
CTSerialization.cpp Bug 1343202 - Utility function for decoding an InclusionProof structure; r=ckerschb,keeler 2017-08-18 09:50:49 +02:00
CTSerialization.h
CTUtils.h Bug 1343202 - Utility function for decoding an InclusionProof structure; r=ckerschb,keeler 2017-08-18 09:50:49 +02:00
CTVerifyResult.cpp
CTVerifyResult.h
CertVerifier.cpp Bug 1437754 - Add a pref and disable the Symantec distrust algorithm r=keeler 2018-02-27 16:04:51 -07:00
CertVerifier.h Bug 1437754 - Add a pref and disable the Symantec distrust algorithm r=keeler 2018-02-27 16:04:51 -07:00
ExtendedValidation.cpp bug 1421084 - part 1/4 - remove now-unnecessary nsNSSShutDownPreventionLock r=mt,ttaubert 2018-01-23 10:37:47 -08:00
ExtendedValidation.h bug 1421084 - part 4/4 - remove nsNSSShutDown.h and (hopefully) all references to it r=mt,ttaubert 2018-01-24 14:44:01 -08:00
MultiLogCTVerifier.cpp
MultiLogCTVerifier.h
NSSCertDBTrustDomain.cpp Bug 1437754 - Add a pref and disable the Symantec distrust algorithm r=keeler 2018-02-27 16:04:51 -07:00
NSSCertDBTrustDomain.h Bug 1437754 - Add a pref and disable the Symantec distrust algorithm r=keeler 2018-02-27 16:04:51 -07:00
OCSPCache.cpp
OCSPCache.h
OCSPRequestor.cpp Bug 870698 - Part 1: Replace Assign("") with AssignLiteral(""). r=erahm 2017-09-03 22:12:56 -07:00
OCSPRequestor.h
OCSPVerificationTrustDomain.cpp
OCSPVerificationTrustDomain.h
SignedCertificateTimestamp.cpp Bug 1343202 - Move Buffer definition into its own file; r=keeler,rbarnes 2017-08-17 09:23:29 +02:00
SignedCertificateTimestamp.h Bug 1343202 - Move Buffer definition into its own file; r=keeler,rbarnes 2017-08-17 09:23:29 +02:00
SignedTreeHead.h
TrustOverride-AppleGoogleDigiCertData.inc Bug 1434300 - Add the DigiCert whitelisted SPKIs r=keeler 2018-02-21 14:08:59 -05:00
TrustOverride-GlobalSignData.inc Bug 1409259 - Refactor "TrustOverrides" header for existing trust overrides r=keeler 2017-10-16 23:17:52 -07:00
TrustOverride-StartComAndWoSignData.inc Bug 1409259 - Refactor "TrustOverrides" header for existing trust overrides r=keeler 2017-10-16 23:17:52 -07:00
TrustOverride-SymantecData.inc Bug 1434300 - Add a utility to match certificates based on SPKI r=fkiefer,keeler 2018-02-21 14:08:44 -05:00
TrustOverride-TestImminentDistrustData.inc Bug 1439378 - Re-enable the imminent distrust browser-console test r=fkiefer,keeler 2018-02-26 15:55:35 -07:00
TrustOverrideUtils.h Bug 1434300 - Change Symantec Distrust Algorithm's whitelist to SPKI-matching r=fkiefer,keeler 2018-02-21 14:08:47 -05:00
moz.build Bug 785440 - Disable warning C4324 when building security/certverifier. r=keeler 2018-02-11 00:32:14 -05:00