gecko-dev

mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-27 20:25:44 +00:00

History

David Keeler f60f796fb1 bug 1356623 - remove now-unnecessary CNNIC certificate whitelist r=jcj As a result of CNNIC issuing an unconstrained intermediate certificate that misissued an end-entity certificate for google.com (see bug 1146026 and bug 1177209), we implemented a system that would in theory enable Firefox to continue to trust certificates that were valid at the time but not newly issued certificates. This consisted of a whitelist added in bug 1151512. The CNNIC roots have since been removed from NSS in bug 1380868. We can now remove the whitelist in Firefox. MozReview-Commit-ID: 7VXOuvwzbct --HG-- extra : rebase_source : 20e6e39c40417a9b7f2962e06cf9de85e3e08ee8		2017-08-03 16:17:11 -07:00
..
tests/gtest	bug 1357226 - work around a library inefficiency with EC keys when verifying ECDSA signatures r=fkiefer,jcj	2017-04-11 14:11:28 -07:00
BRNameMatchingPolicy.cpp
BRNameMatchingPolicy.h
CertVerifier.cpp	Bug 1368107 - Remove TransportSecurityInfo::GetHostNameRaw(). r=keeler	2017-06-03 13:35:51 +08:00
CertVerifier.h	Bug 1368107 - Remove TransportSecurityInfo::GetHostNameRaw(). r=keeler	2017-06-03 13:35:51 +08:00
CTDiversityPolicy.cpp	Bug 1320566 - Certificate Transparency - implement CT Policy. r=Dolske,keeler	2017-01-09 08:22:28 +02:00
CTDiversityPolicy.h	Bug 1320566 - Certificate Transparency - implement CT Policy. r=Dolske,keeler	2017-01-09 08:22:28 +02:00
CTKnownLogs.h	bug 1349312 - part 1/2: patch CT implementation to include debug-only test logs r=Cykesiopka,jcj	2017-04-19 14:02:26 -07:00
CTLog.h	Bug 1320566 - Certificate Transparency - implement CT Policy. r=Dolske,keeler	2017-01-09 08:22:28 +02:00
CTLogVerifier.cpp	bug 1357226 - work around a library inefficiency with EC keys when verifying ECDSA signatures r=fkiefer,jcj	2017-04-11 14:11:28 -07:00
CTLogVerifier.h	bug 1357226 - work around a library inefficiency with EC keys when verifying ECDSA signatures r=fkiefer,jcj	2017-04-11 14:11:28 -07:00
CTObjectsExtractor.cpp
CTObjectsExtractor.h
CTPolicyEnforcer.cpp	Bug 1320566 - Certificate Transparency - implement CT Policy. r=Dolske,keeler	2017-01-09 08:22:28 +02:00
CTPolicyEnforcer.h	Bug 1320566 - Certificate Transparency - implement CT Policy. r=Dolske,keeler	2017-01-09 08:22:28 +02:00
CTSerialization.cpp
CTSerialization.h
CTVerifyResult.cpp
CTVerifyResult.h
ExtendedValidation.cpp	Bug 1380821 remove EV treatment for UTN-USERFirst-Hardware r=keeler	2017-07-18 11:28:26 -07:00
ExtendedValidation.h
moz.build	Bug 1361750 - Disable various MSVC 2017 warnings in PSM to unbreak --enable-warnings-as-errors builds. r=keeler	2017-05-05 00:41:33 +08:00
MultiLogCTVerifier.cpp
MultiLogCTVerifier.h
NSSCertDBTrustDomain.cpp	bug 1356623 - remove now-unnecessary CNNIC certificate whitelist r=jcj	2017-08-03 16:17:11 -07:00
NSSCertDBTrustDomain.h	bug 1364159 - potentially avoid calling CERT_CreateSubjectCertList in NSSCertDBTrustDomain::FindIssuer r=Cykesiopka,jcj	2017-05-11 16:41:12 -07:00
OCSPCache.cpp	Bug 1328653 - Merging all the various *OriginAttributes to just one, r=huseby	2017-01-12 17:38:48 +01:00
OCSPCache.h	Bug 1328653 - Merging all the various *OriginAttributes to just one, r=huseby	2017-01-12 17:38:48 +01:00
OCSPRequestor.cpp	Bug 1308100 - Replace PL_strlen/PL_strnlen with strlen/strnlen;r=erahm	2017-04-13 20:47:00 +02:00
OCSPRequestor.h	Bug 1330365 - Use mozilla::TimeStamp instead of NSPR's PRIntervalTime for OCSP timeout code. r=keeler	2017-01-14 13:12:43 +08:00
OCSPVerificationTrustDomain.cpp	bug 1349762 - handle two GlobalSign EV root transfers r=Cykesiopka,jcj	2017-04-03 17:17:38 -07:00
OCSPVerificationTrustDomain.h	bug 1349762 - handle two GlobalSign EV root transfers r=Cykesiopka,jcj	2017-04-03 17:17:38 -07:00
SignedCertificateTimestamp.cpp
SignedCertificateTimestamp.h	Bug 1338374 - Make Vector not use AlignedStorage for its inline element storage. r=froydnj, r=keeler	2017-01-30 15:56:05 -08:00
SignedTreeHead.h
StartComAndWoSignData.inc