security/certverifier/CertVerifier.h
5c81eeae17217d1666fd53a3a4e6de1d85cf49ad
created 2016-05-03 22:27 -0700
pushed 2016-05-04 05:48 +0000
Cykesiopka Cykesiopka - Bug 1267905 - Replace uses of ScopedCERTCertList with UniqueCERTCertList. draft
160a5c45ba089d7f62941d0223ed94293e6ee8aa
created 2016-04-17 00:48 -0700
pushed 2016-04-17 07:51 +0000
Cykesiopka Cykesiopka - Bug 1260643 - Convert most uses of ScopedCERTCertificate in PSM to UniqueCERTCertificate. draft
877286b0c525be6101bdaea5e4cc49ebea9c7430
created 2016-02-09 10:14 -0800
pushed 2016-03-31 22:56 +0000
David Keeler David Keeler - bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r?Cykesiopka,mgoodwin draft
c4f185985cf07915e0e517b943db569d01a1350b
created 2016-02-09 10:14 -0800
pushed 2016-03-18 21:31 +0000
David Keeler David Keeler - bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r?Cykesiopka,mgoodwin draft
9bce48571e58ecd43272623e852db3b83c4f1ed4
created 2016-03-04 17:06 -0800
pushed 2016-03-14 17:48 +0000
David Keeler David Keeler - bug 1228175 - fix IsCertBuiltInRoot r?Cykesiopka r?mgoodwin draft
38bf4f8e55bcc609eaeda0e7b5666f91f82a9a6c
created 2016-03-09 14:22 -0800
pushed 2016-03-10 01:23 +0000
Wes Kocher Wes Kocher - Backed out changeset 490eb9194ae1 (bug 1228175) for TestIsCertBuiltInRoot failures on at least Android
6d8f0c8126ed7f15817cc012240b197320c347a3
created 2016-03-04 17:06 -0800
pushed 2016-03-08 00:02 +0000
David Keeler David Keeler - bug 1228175 - fix IsCertBuiltInRoot r?Cykesiopka r?mgoodwin draft
a4181cf5e1a2909284fccf427295132387104865
created 2016-02-09 10:14 -0800
pushed 2016-03-01 19:17 +0000
David Keeler David Keeler - bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r?Cykesiopka,mgoodwin draft
743e9951901489a781eeb252c41e90a5e32355cf
created 2016-01-13 12:50 -0800
pushed 2016-01-14 21:38 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r?rbarnes r?mgoodwin r?Cykesiopka draft
70bdf2f96258ead21ae3e9641bb67299ee3a62c2
created 2016-01-13 12:50 -0800
pushed 2016-01-14 20:14 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r?rbarnes r?mgoodwin r?Cykesiopka draft
6b9337f7d09d60be9dc61165aec9e1b77aec519f
created 2016-01-13 12:50 -0800
pushed 2016-01-13 21:48 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r?rbarnes r?mgoodwin r?Cykesiopka draft
7c18d82dc3cd9564a11374eab61de5aab3b47975
created 2015-11-12 15:44 +0000
pushed 2015-11-12 15:48 +0000
Mark Goodwin Mark Goodwin - Bug 901698 - Implement OCSP-must-staple; r?keeler draft
ab98b30cf7653f6be2fd71f9717b9fee43368917
created 2015-11-10 17:28 +0000
pushed 2015-11-10 17:41 +0000
Mark Goodwin Mark Goodwin - Bug 901698 - Implement OCSP-must-staple; r?keeler draft
742156e4be532651cac22a6265a4e2a69656122b
created 2015-11-05 19:19 +0000
pushed 2015-11-05 19:24 +0000
Mark Goodwin Mark Goodwin - Bug 901698 - Implement OCSP-must-staple; r?keeler draft
0516d4db29a9d76361dd51331036e0b059b4dd60
created 2015-09-11 14:52 -0400
pushed 2015-09-14 03:00 +0000
Richard Barnes Richard Barnes - Bug 942515 - Show Untrusted Connection Error for SHA-1-based SSL certificates with notBefore >= 2016-01-01 r=keeler
fc86e9f2d6ea34b486058211fe468f4ada67f144
created 2015-08-21 15:14 +0100
pushed 2015-08-21 16:07 +0000
Mark Goodwin Mark Goodwin - Bug 1153444 - Fix up Key Pinning Telemetry (r=keeler)
0ddc5628704f72f0913507cb80afc48ef113f1fb
created 2015-06-15 13:53 -0700
pushed 2015-07-09 21:52 +0000
Richard Barnes Richard Barnes - Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android. r=keeler, a=lizzard
31d0ae4d8c62e08a17784a6be2ad185d6b2f4e23
created 2015-07-09 07:22 +0100
pushed 2015-07-09 19:29 +0000
Mark Goodwin Mark Goodwin - Bug 1159155 - Add telemetry probe for SHA-1 usage (r=keeler)
8126af579c851b7fb4d7af4ccaa264beb6cfecbd
created 2015-06-14 21:26 -0700
pushed 2015-06-15 06:31 +0000
Cykesiopka Cykesiopka - Bug 1145679 - Reject EV status for end-entity EV certs with overly long validity periods. draft
4bc3d8e62192ea5ff9084681778e5e95648cfa48
created 2015-05-28 13:29 -0700
pushed 2015-06-09 05:36 +0000
Richard Barnes Richard Barnes - Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler
3ba889bb0741884c66bbe902a571ac2e1e2be8cd
created 2015-06-08 11:37 -0400
pushed 2015-06-08 16:57 +0000
Ryan VanderMeulen Ryan VanderMeulen - Backed out changeset fda85020d842 (bug 1010068) for Android test_cert_overrides.js failures.
fda85020d8424532ec552b7178b457015ca3d031
created 2015-05-28 13:29 -0700
pushed 2015-06-08 16:57 +0000
Richard Barnes Richard Barnes - Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler
1853f12d7d8c336d0689a8d3e0e21e174609f50a
created 2015-04-06 16:10 -0700
pushed 2015-05-15 17:17 +0000
David Keeler David Keeler - bug 1141189 - implement skipping expensive revocation checks (OCSP fetching) for short-lived certificates r=rbarnes
c6f3b60f6f8ab6a9c1d1918373968433d4e5e50b
created 2015-02-24 15:48 -0800
pushed 2015-02-27 21:58 +0000
David Keeler David Keeler - bug 1049740 - implement telemetry to measure compatibility impact of 2048-bit-minimum RSA keys r=briansmith
fa67b437a89ab8590a5bcd3a91a4d779f716c6dd
created 2015-01-23 06:17 +0100
pushed 2015-02-05 16:04 +0000
TheKK TheKK - Bug 1092398 - "remove unused CertVerifier enums (missing_cert_download_config and crl_download_config)". r=honzab.moz
610eb25d2d63d18d7233d21aaf464471545ccab0
created 2014-12-11 23:22 -0800
pushed 2014-12-14 15:42 +0000
Brian Smith Brian Smith - Bug 1107666: Fix OCSP stapling telemetry (SSL_OCSP_STAPLING), r=keeler
d8e146e60d2401c8038041740e99477aabc3b4f0
created 2014-08-21 10:37 -0700
pushed 2014-10-29 02:45 +0000
David Keeler David Keeler - Bug 1049095 - Re-verify joinee certificate with joining hostname when joining connections. r=briansmith, r=mcmanus, r=cviecco, r=mmc, r=rbarnes, a=sledru
4f90b7fb1918462222c557100342cdd627e2f3f3
created 2014-09-25 11:18 -0700
pushed 2014-10-20 17:29 +0000
David Keeler David Keeler - bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco
9dc5491eb546b9d334fd305488d50891e2749773
created 2014-09-25 11:08 -0700
pushed 2014-10-20 17:29 +0000
David Keeler David Keeler - bug 1071308 - (1/2) rename pinning_enforcement_level to PinningMode for brevity r=cviecco
9d11637912b49883f8f695dd3db3bb873e4c0d89
created 2014-09-03 11:44 -0700
pushed 2014-10-20 17:29 +0000
David Keeler David Keeler - bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes
1d03b29bd1051408b89a0037e83cc256e55ace81
created 2014-09-02 16:49 -0700
pushed 2014-10-20 17:29 +0000
Wes Kocher Wes Kocher - Backed out 1 changesets (bug 1050546) for build bustage
c7a9e81772026db3aefc3093412c7375cefa0b12
created 2014-09-02 12:10 -0700
pushed 2014-10-20 17:29 +0000
David Keeler David Keeler - bug 1050546 - telemetry for baseline requirements sections 9.2.1 and 9.2.2 (subject alt names/common name) r=rbarnes
c4d1c00413479524bbd1f9ef4ba1f0809099af65
created 2014-08-21 10:37 -0700
pushed 2014-10-20 17:29 +0000
David Keeler David Keeler - bug 1049095 - re-verify joinee certificate with joining hostname when joining connections r=briansmith r=mcmanus r=cviecco r=mmc r=rbarnes
a4a8b3b58191206f53748d823cf255fba4042253
created 2014-08-02 08:49 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1043041: Use mozilla::pkix::Time instead of PRTime, r=keeler
0ed88d692f42f34802beafcea77797f61c918155
created 2014-07-06 15:55 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1035009: Stop using CERTCertList in mozilla::pkix, r=keeler
b3ebf7675c7bd1d85ed1b7290e1d2c3ae28a0490
created 2014-06-16 23:13 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 975229: Remove NSS-based certificate verification, r=keeler
1f5b5d9cbf72d570fb8e054713060243e44c303b
created 2014-05-19 13:04 -0700
pushed 2014-10-20 17:29 +0000
Monica Chew Monica Chew - Bug 1011269: Add CertVerifier::pinningEnforceTestMode (r=keeler)
affd460bc3d7ee6d8a6347bd7ae7faa4c7dc1ecd
created 2014-02-05 14:49 -0800
pushed 2014-10-20 17:29 +0000
Camilo Viecco Camilo Viecco - Bug 744204 - Allow Certificate key pinning Part 2 - Certverifier Interface. r=keeler
04ea38d3515f3dd7e739cfed8005fa70634c06fb
created 2014-03-20 14:29 -0700
pushed 2014-10-20 17:29 +0000
David Keeler David Keeler - bug 985201 - rename insanity::pkix to mozilla::pkix r=cviecco r=briansmith
840df518d026f9f7b9bf896fb7ef8d0b3e9fb9da
created 2014-03-12 13:08 -0700
pushed 2014-10-20 17:29 +0000
David Keeler David Keeler - bug 915932 - cache OCSP responses when using insanity::pkix r=cviecco r=briansmith
b7030189c2ca5697c8fba43220511ddc39fcce98
created 2014-02-23 22:15 -0800
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 921885: Use insanity::pkix for EV cert verification when insanity::pkix is the selected implementation, r=cviecco, r=keeler
302def56019a278411ed9d71e3de7126d1729811
created 2014-02-16 17:35 -0800
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 915931, Part 3: Integrate insanity::pkix OCSP support, r=keeler, r=cviecco
5eece3c778aaecfe6c4bcbeaae863f611ef47280
created 2014-02-10 11:41 -0800
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 878932, Part 1: add insanity::pkix as an option for certificate verification, r=keeler, r=cviecco
f693e9ad7bc537354d6056d5e43dfb2de42c7d06
created 2014-01-24 13:57 -0800
pushed 2014-10-20 17:29 +0000
Camilo Viecco Camilo Viecco - Bug 962833: ensure-certverify-returns secfailure on MUST_BE_EV and no ev certificate. r=dkeeler
a3bd9bdeac7334c57ae01bb9b70f858e8900f68c
created 2013-09-27 19:53 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 891066, Part 8: Add stapled OCSP response to CertVerifier, r=cviecco
f09555644f77bb593d607eb51ba418d1da2e2f64
created 2013-07-10 23:47 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 891066, Part 7: Give CertVerifier its own NSPR logging module, r=cviecco
3e3ddb3ce8d331b9898c04e1bb90764738366edc
created 2013-07-08 16:30 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 891066, Part 6: Move SSL server cert verification logic to security/certverifier, r=cviecco
aaad90a5936fe7c70754712365d4b06338dd43f3
created 2014-01-22 17:13 -0800
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 891066, Part 5: Switch to security::pkix::ScopedCERTCertList, r=cviecco
95f848f55c90176dd061a54c6d8d9855dbfed258
created 2014-01-20 22:10 -0800
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 891066, Part 3: Move more initialization of NSS to security/certverifier, r=keeler
2dc56ee0e0e51a35ac0573b57451ad79361e6d0d
created 2014-01-26 19:36 -0800
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 891066, part 2: Move CertVerifier to security/certverifier, r=keeler
less more (0) tip