Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-27 12:15:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
d3e4a052d9
gecko-dev/security/certverifier
History
David Keeler f60f796fb1 bug 1356623 - remove now-unnecessary CNNIC certificate whitelist r=jcj 
As a result of CNNIC issuing an unconstrained intermediate certificate that
misissued an end-entity certificate for google.com (see bug 1146026 and
bug 1177209), we implemented a system that would in theory enable Firefox to
continue to trust certificates that were valid at the time but not newly issued
certificates. This consisted of a whitelist added in bug 1151512. The CNNIC
roots have since been removed from NSS in bug 1380868. We can now remove the
whitelist in Firefox.

MozReview-Commit-ID: 7VXOuvwzbct

--HG--
extra : rebase_source : 20e6e39c40417a9b7f2962e06cf9de85e3e08ee8
2017-08-03 16:17:11 -07:00
..
tests/gtest bug 1357226 - work around a library inefficiency with EC keys when verifying ECDSA signatures r=fkiefer,jcj 2017-04-11 14:11:28 -07:00
BRNameMatchingPolicy.cpp
BRNameMatchingPolicy.h
CertVerifier.cpp Bug 1368107 - Remove TransportSecurityInfo::GetHostNameRaw(). r=keeler 2017-06-03 13:35:51 +08:00
CertVerifier.h Bug 1368107 - Remove TransportSecurityInfo::GetHostNameRaw(). r=keeler 2017-06-03 13:35:51 +08:00
CTDiversityPolicy.cpp
CTDiversityPolicy.h
CTKnownLogs.h bug 1349312 - part 1/2: patch CT implementation to include debug-only test logs r=Cykesiopka,jcj 2017-04-19 14:02:26 -07:00
CTLog.h
CTLogVerifier.cpp bug 1357226 - work around a library inefficiency with EC keys when verifying ECDSA signatures r=fkiefer,jcj 2017-04-11 14:11:28 -07:00
CTLogVerifier.h bug 1357226 - work around a library inefficiency with EC keys when verifying ECDSA signatures r=fkiefer,jcj 2017-04-11 14:11:28 -07:00
CTObjectsExtractor.cpp
CTObjectsExtractor.h
CTPolicyEnforcer.cpp
CTPolicyEnforcer.h
CTSerialization.cpp
CTSerialization.h
CTVerifyResult.cpp
CTVerifyResult.h
ExtendedValidation.cpp Bug 1380821 remove EV treatment for UTN-USERFirst-Hardware r=keeler 2017-07-18 11:28:26 -07:00
ExtendedValidation.h
moz.build Bug 1361750 - Disable various MSVC 2017 warnings in PSM to unbreak --enable-warnings-as-errors builds. r=keeler 2017-05-05 00:41:33 +08:00
MultiLogCTVerifier.cpp
MultiLogCTVerifier.h
NSSCertDBTrustDomain.cpp bug 1356623 - remove now-unnecessary CNNIC certificate whitelist r=jcj 2017-08-03 16:17:11 -07:00
NSSCertDBTrustDomain.h bug 1364159 - potentially avoid calling CERT_CreateSubjectCertList in NSSCertDBTrustDomain::FindIssuer r=Cykesiopka,jcj 2017-05-11 16:41:12 -07:00
OCSPCache.cpp
OCSPCache.h
OCSPRequestor.cpp
OCSPRequestor.h
OCSPVerificationTrustDomain.cpp
OCSPVerificationTrustDomain.h
SignedCertificateTimestamp.cpp
SignedCertificateTimestamp.h
SignedTreeHead.h
StartComAndWoSignData.inc