security/certverifier/CertVerifier.cpp
5c81eeae17217d1666fd53a3a4e6de1d85cf49ad
created 2016-05-03 22:27 -0700
pushed 2016-05-04 05:48 +0000
Cykesiopka Cykesiopka - Bug 1267905 - Replace uses of ScopedCERTCertList with UniqueCERTCertList. draft
36f621908a3c7b0636e574dec35d0cc20d7387dc
created 2016-04-20 00:55 -0700
pushed 2016-04-20 07:55 +0000
Cykesiopka Cykesiopka - Bug 1260643 - Convert most uses of ScopedCERTCertificate in PSM to UniqueCERTCertificate. r=keeler draft
160a5c45ba089d7f62941d0223ed94293e6ee8aa
created 2016-04-17 00:48 -0700
pushed 2016-04-17 07:51 +0000
Cykesiopka Cykesiopka - Bug 1260643 - Convert most uses of ScopedCERTCertificate in PSM to UniqueCERTCertificate. draft
52675626048a146c2a2c39df7515c9ccc829aac8
created 2016-02-09 10:14 -0800
pushed 2016-04-01 18:06 +0000
David Keeler David Keeler - bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r?Cykesiopka,mgoodwin draft
8772f2293eaba94a6890eadb525711e5d11ebf63
created 2016-03-28 12:52 -0700
pushed 2016-04-01 01:15 +0000
David Keeler David Keeler - bug 1254667 - change certificate verification SHA1 policy to "allow for locally-installed roots" r=jcj
446082fb849f145ca49141390c0f1da69df9d31e
created 2016-03-28 12:52 -0700
pushed 2016-03-30 21:22 +0000
David Keeler David Keeler - bug 1254667 - change certificate verification SHA1 policy to "allow for locally-installed roots" r?jcj draft
c61726fe9e644fa8269e5daafbaa4520d55983ac
created 2016-03-29 16:38 -0700
pushed 2016-03-30 14:52 +0000
Wes Kocher Wes Kocher - Backed out changeset 3ff2b12ffedc (bug 1254667) for upsetting the test_ocsp_caching.js gods on android CLOSED TREE
c9745cc0e05c7dc09dde372f4f2413cffadf3664
created 2016-03-28 12:52 -0700
pushed 2016-03-28 20:07 +0000
David Keeler David Keeler - bug 1254667 - change certificate verification SHA1 policy to "allow for locally-installed roots" r?jcj draft
c4f185985cf07915e0e517b943db569d01a1350b
created 2016-02-09 10:14 -0800
pushed 2016-03-18 21:31 +0000
David Keeler David Keeler - bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r?Cykesiopka,mgoodwin draft
57bc373cc881fb2870b028e62715ce0240afc372
created 2016-03-15 17:19 -0700
pushed 2016-03-17 21:35 +0000
David Keeler David Keeler - bug 1240118 - add functionality to treat a test certificate as a built-in root r?mgoodwin draft
2afee5f1c8c956f1d8ae05641b814c10b5c2c14f
created 2016-03-15 17:19 -0700
pushed 2016-03-16 23:29 +0000
David Keeler David Keeler - bug 1240118 - add functionality to treat a test certificate as a built-in root r?mgoodwin draft
9bce48571e58ecd43272623e852db3b83c4f1ed4
created 2016-03-04 17:06 -0800
pushed 2016-03-14 17:48 +0000
David Keeler David Keeler - bug 1228175 - fix IsCertBuiltInRoot r?Cykesiopka r?mgoodwin draft
5c19306be55e240d32c7b36f39a06b640c69fce5
created 2016-01-28 10:36 -0800
pushed 2016-03-13 09:48 +0000
sajitk sajitk - Bug 1219482: Replace PRLogModuleInfo with LazyLogModule in security subdirectory.r=nfroyd
38bf4f8e55bcc609eaeda0e7b5666f91f82a9a6c
created 2016-03-09 14:22 -0800
pushed 2016-03-10 01:23 +0000
Wes Kocher Wes Kocher - Backed out changeset 490eb9194ae1 (bug 1228175) for TestIsCertBuiltInRoot failures on at least Android
6d8f0c8126ed7f15817cc012240b197320c347a3
created 2016-03-04 17:06 -0800
pushed 2016-03-08 00:02 +0000
David Keeler David Keeler - bug 1228175 - fix IsCertBuiltInRoot r?Cykesiopka r?mgoodwin draft
a4181cf5e1a2909284fccf427295132387104865
created 2016-02-09 10:14 -0800
pushed 2016-03-01 19:17 +0000
David Keeler David Keeler - bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r?Cykesiopka,mgoodwin draft
f2d5499330404d008c697f50f19e3b5ca1400e1b
created 2016-02-18 04:00 -0800
pushed 2016-02-18 12:03 +0000
Cykesiopka Cykesiopka - Bug 1248874 - Replace Scoped.h templates used only by PSM in ScopedNSSTypes.h with UniquePtr equivalents. draft
5e5b76d866341d47db93066b393af616b1e78f43
created 2016-01-29 10:15 -0800
pushed 2016-01-29 20:46 +0000
Wes Kocher Wes Kocher - Backed out changeset 7ec471c99263 (bug 1219482) to hopefully fix the intermittent hazard failures CLOSED TREE
7ec471c9926360990ad4ec55376c53b54638da3f
created 2016-01-28 10:36 -0500
pushed 2016-01-29 13:53 +0000
sajitk sajitk - Bug 1219482 - Replace PRLogModuleInfo with LazyLogModule in security subdirectory. r=froydnj
ed87585a9fbc7732626d48cbd7c18d6a40e27c1e
created 2015-04-16 14:20 -0700
pushed 2016-01-25 13:03 +0000
David Keeler David Keeler - Bug 1147497 - Add API for querying site pin status. Disallow overrides for sites that have pins. r=mmc, r=smaug, r=cykesiopka, r=past, a=sledru
7824f1d4018a93ffcd7f7e7337e10aa5599e47e7
created 2016-01-13 12:50 -0800
pushed 2016-01-20 22:26 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r=rbarnes r=Cykesiopka r=mgoodwin draft
743e9951901489a781eeb252c41e90a5e32355cf
created 2016-01-13 12:50 -0800
pushed 2016-01-14 21:38 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r?rbarnes r?mgoodwin r?Cykesiopka draft
70bdf2f96258ead21ae3e9641bb67299ee3a62c2
created 2016-01-13 12:50 -0800
pushed 2016-01-14 20:14 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r?rbarnes r?mgoodwin r?Cykesiopka draft
6b9337f7d09d60be9dc61165aec9e1b77aec519f
created 2016-01-13 12:50 -0800
pushed 2016-01-13 21:48 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r?rbarnes r?mgoodwin r?Cykesiopka draft
801655542a1297462d83ee52f4f96c809e69458d
created 2015-11-13 16:49 +0000
pushed 2015-11-16 00:59 +0000
Mark Goodwin Mark Goodwin - Bug 901698 - Implement OCSP-must-staple; r=keeler
7c18d82dc3cd9564a11374eab61de5aab3b47975
created 2015-11-12 15:44 +0000
pushed 2015-11-12 15:48 +0000
Mark Goodwin Mark Goodwin - Bug 901698 - Implement OCSP-must-staple; r?keeler draft
ab98b30cf7653f6be2fd71f9717b9fee43368917
created 2015-11-10 17:28 +0000
pushed 2015-11-10 17:41 +0000
Mark Goodwin Mark Goodwin - Bug 901698 - Implement OCSP-must-staple; r?keeler draft
742156e4be532651cac22a6265a4e2a69656122b
created 2015-11-05 19:19 +0000
pushed 2015-11-05 19:24 +0000
Mark Goodwin Mark Goodwin - Bug 901698 - Implement OCSP-must-staple; r?keeler draft
0516d4db29a9d76361dd51331036e0b059b4dd60
created 2015-09-11 14:52 -0400
pushed 2015-09-14 03:00 +0000
Richard Barnes Richard Barnes - Bug 942515 - Show Untrusted Connection Error for SHA-1-based SSL certificates with notBefore >= 2016-01-01 r=keeler
fc86e9f2d6ea34b486058211fe468f4ada67f144
created 2015-08-21 15:14 +0100
pushed 2015-08-21 16:07 +0000
Mark Goodwin Mark Goodwin - Bug 1153444 - Fix up Key Pinning Telemetry (r=keeler)
ed6cdc6365d4bb40948bbfcf3c8181f3a2315a1b
created 2015-07-12 09:24 -0700
pushed 2015-07-12 16:26 +0000
Cykesiopka Cykesiopka - Bug 908125 - Reject BR EE certs with lifetimes greater than the BRs allow. draft
0ddc5628704f72f0913507cb80afc48ef113f1fb
created 2015-06-15 13:53 -0700
pushed 2015-07-09 21:52 +0000
Richard Barnes Richard Barnes - Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android. r=keeler, a=lizzard
4dd61213c4677cac242f4b4423148465cf4bf7b5
created 2015-06-11 14:56 -0700
pushed 2015-07-09 21:52 +0000
David Keeler David Keeler - Bug 1170303 - Treat malformed name information in certificates as a domain name mismatch. r=Cykesiopka, a=lizzard
056a30240faefe2a525d5bcd8ccb098510626b98
created 2015-06-11 14:56 -0700
pushed 2015-07-09 21:52 +0000
David Keeler David Keeler - Bug 1170303 - Treat malformed name information in certificates as a domain name mismatch. r=Cykesiopka, a=lizzard
31d0ae4d8c62e08a17784a6be2ad185d6b2f4e23
created 2015-07-09 07:22 +0100
pushed 2015-07-09 19:29 +0000
Mark Goodwin Mark Goodwin - Bug 1159155 - Add telemetry probe for SHA-1 usage (r=keeler)
4d79e25e7a2f60874569d76bb9e915c328a65038
created 2015-06-21 21:44 -0700
pushed 2015-06-22 04:50 +0000
Cykesiopka Cykesiopka - Bug 1145679 - Reject EV status for end-entity EV certs with overly long validity periods. draft
8126af579c851b7fb4d7af4ccaa264beb6cfecbd
created 2015-06-14 21:26 -0700
pushed 2015-06-15 06:31 +0000
Cykesiopka Cykesiopka - Bug 1145679 - Reject EV status for end-entity EV certs with overly long validity periods. draft
7da175eb7a6fc3673ce9a5fdee8b12fef1350fca
created 2015-06-01 13:55 -0700
pushed 2015-06-10 06:10 +0000
David Keeler David Keeler - bug 1170303 - treat malformed name information in certificates as a domain name mismatch r=Cykesiopka
4bc3d8e62192ea5ff9084681778e5e95648cfa48
created 2015-05-28 13:29 -0700
pushed 2015-06-09 05:36 +0000
Richard Barnes Richard Barnes - Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler
3ba889bb0741884c66bbe902a571ac2e1e2be8cd
created 2015-06-08 11:37 -0400
pushed 2015-06-08 16:57 +0000
Ryan VanderMeulen Ryan VanderMeulen - Backed out changeset fda85020d842 (bug 1010068) for Android test_cert_overrides.js failures.
fda85020d8424532ec552b7178b457015ca3d031
created 2015-05-28 13:29 -0700
pushed 2015-06-08 16:57 +0000
Richard Barnes Richard Barnes - Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler
f52c18aac7ce0949190da943ec5d4ee86627d0f8
created 2015-06-03 15:25 -0700
pushed 2015-06-04 18:32 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
a5b5bde7a8dc2aa736fc0a46a86d2167d725af06
created 2015-06-01 13:55 -0700
pushed 2015-06-03 23:19 +0000
David Keeler David Keeler - bug 1170303 - treat malformed name information in certificates as a domain name mismatch draft
3c8ed81098ddbe4a4c09e7aa652b5288dc4ce0d3
created 2015-06-02 13:05 +0200
pushed 2015-06-03 06:55 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out 14 changesets (bug 1165515) for linux x64 e10s m2 test failures
7c3b45a47811b55f4e973d996dd149c5d575721b
created 2015-06-01 22:17 -0700
pushed 2015-06-03 06:55 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
3f1f9238e02fe107701bf3ab4237c0cb3b125710
created 2015-06-01 17:57 -0700
pushed 2015-06-02 12:32 +0000
Wes Kocher Wes Kocher - Backed out 14 changesets (bug 1165515) for b2g mochitest-6 permafail CLOSED TREE
150606c022a29517f43ee6907075170db825c947
created 2015-06-01 14:31 -0700
pushed 2015-06-02 12:32 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
b6720b230a13ee8bbff7de85178e4c5d27b70b50
created 2015-06-01 13:55 -0700
pushed 2015-06-01 21:18 +0000
David Keeler David Keeler - bug 1170303 - treat malformed name information in certificates as a domain name mismatch draft
8a03e892db51e07a20a85f97abe073cee7be0fa0
created 2015-05-21 13:22 -0700
pushed 2015-05-22 20:04 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 1: Convert PR_LOG to MOZ_LOG. r=froydnj
1853f12d7d8c336d0689a8d3e0e21e174609f50a
created 2015-04-06 16:10 -0700
pushed 2015-05-15 17:17 +0000
David Keeler David Keeler - bug 1141189 - implement skipping expensive revocation checks (OCSP fetching) for short-lived certificates r=rbarnes
b46612a5525552a32c511d9b223e1e8291262a13
created 2015-05-07 11:06 -0700
pushed 2015-05-12 17:34 +0000
David Keeler David Keeler - bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames r=Cykesiopka
3cdce28ffcc6de50fac4fce22a8bca0a467db44b
created 2015-05-08 14:36 -0700
pushed 2015-05-11 03:41 +0000
Eric Rahm Eric Rahm - Bug 1162691 - Part 1: Remove instances of #ifdef PR_LOGGING in security. r=froydnj
ba305ad16ad5f902e929419442c59f41ce4c7f46
created 2015-05-07 11:06 -0700
pushed 2015-05-07 18:28 +0000
David Keeler David Keeler - bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames
87995909a9acb1dc2003ed00d2960c294d5c6ba3
created 2015-04-22 14:56 -0700
pushed 2015-04-28 22:02 +0000
David Keeler David Keeler - bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames draft
98059179549d4e550a0593d5af1977d43160e743
created 2015-03-25 11:04 -0700
pushed 2015-04-16 22:18 +0000
David Keeler David Keeler - bug 1147497 - Add API for querying site pin status. Disallow overrides for sites that have pins. r=mmc r=smaug r=cykesiopka r=past
eee856befda3b54b11383be5192ce333de40ea08
created 2015-03-05 16:41 +0100
pushed 2015-03-06 10:32 +0000
Cykesiopka Cykesiopka - Bug 1139177 - RSA public key size checking cleanups. r=keeler
f378b68991bca8a6711b54bfe11b09a65fc13d27
created 2014-12-11 23:22 -0800
pushed 2015-03-03 18:12 +0000
Brian Smith Brian Smith - Bug 1107666 - Fix OCSP stapling telemetry (SSL_OCSP_STAPLING). r=keeler, a=sledru
c6f3b60f6f8ab6a9c1d1918373968433d4e5e50b
created 2015-02-24 15:48 -0800
pushed 2015-02-27 21:58 +0000
David Keeler David Keeler - bug 1049740 - implement telemetry to measure compatibility impact of 2048-bit-minimum RSA keys r=briansmith
fa67b437a89ab8590a5bcd3a91a4d779f716c6dd
created 2015-01-23 06:17 +0100
pushed 2015-02-05 16:04 +0000
TheKK TheKK - Bug 1092398 - "remove unused CertVerifier enums (missing_cert_download_config and crl_download_config)". r=honzab.moz
f1ba8432414daea5876b80dce3a2e633c8434414
created 2014-12-17 21:31 -0500
pushed 2014-12-27 16:54 +0000
Kaspar Brand Kaspar Brand - Bug 1112487 - The signing certificates with key usage only non-repudiation is taken as invalid for signing. r=keeler
less more (0) -100 -60 tip