зеркало из https://github.com/mozilla/gecko-dev.git
7c5c99fcce
When doing TLS session resumption, the AuthCertificate hook is bypassed, which means that the front-end doesn't know whether or not to show the EV indicator. To deal with this, the platform attempts an EV verification. Before this patch, this verification lacked much of the original context (e.g. stapled OCSP responses, SCTs, the hostname, and in particular the first-party origin key). Furthermore, it was unclear from a code architecture standpoint that a full verification was even occurring. This patch brings the necessary context to the verification and makes it much more clear that it is happening. It also takes the opportunity to remove some unnecessary EV-related fields and information in code and data structures that don't require it. MozReview-Commit-ID: LTmZU4Z1YXL --HG-- extra : rebase_source : 7db702f2037fae83c87fbb6aca75b4420544dff9 |
||
---|---|---|
.. | ||
en-US/chrome | ||
jar.mn | ||
moz.build |