mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-24 13:21:05 +00:00
3d9ab91ab0
Because CAs can back-date a certificate (i.e. set the "notBefore" field to earlier than when a certificate actually existed), the "notBefore" field can't be relied on when determining when CRLite information is recent enough to check a certificate with. To that end, this patch instead uses the earliest timestamp from the embedded SCTs in the certificate being checked. Differential Revision: https://phabricator.services.mozilla.com/D90599 |
||
---|---|---|
.. | ||
addons-public-intermediate.crt | ||
addons-public.crt | ||
addons-stage.crt | ||
AppSignatureVerification.cpp | ||
AppTrustDomain.cpp | ||
AppTrustDomain.h | ||
gen_cert_header.py | ||
moz.build |