security/certverifier/NSSCertDBTrustDomain.h
9ba96194d17e2b54619e9f759f02b31a541bf1f6
created 2016-05-05 14:56 -0700
pushed 2016-05-05 22:04 +0000
Cykesiopka Cykesiopka - Bug 1267905 - Replace uses of ScopedCERTCertList with UniqueCERTCertList. r=keeler draft
5c81eeae17217d1666fd53a3a4e6de1d85cf49ad
created 2016-05-03 22:27 -0700
pushed 2016-05-04 05:48 +0000
Cykesiopka Cykesiopka - Bug 1267905 - Replace uses of ScopedCERTCertList with UniqueCERTCertList. draft
6b9337f7d09d60be9dc61165aec9e1b77aec519f
created 2016-01-13 12:50 -0800
pushed 2016-01-13 21:48 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r?rbarnes r?mgoodwin r?Cykesiopka draft
1178c817d71134e91070508c2b97e6be635358ad
created 2015-10-30 10:37 -0700
pushed 2015-11-04 00:04 +0000
David Keeler David Keeler - bug 1220223 - don't load PKCS11 modules in safe mode draft
0516d4db29a9d76361dd51331036e0b059b4dd60
created 2015-09-11 14:52 -0400
pushed 2015-09-14 03:00 +0000
Richard Barnes Richard Barnes - Bug 942515 - Show Untrusted Connection Error for SHA-1-based SSL certificates with notBefore >= 2016-01-01 r=keeler
fc86e9f2d6ea34b486058211fe468f4ada67f144
created 2015-08-21 15:14 +0100
pushed 2015-08-21 16:07 +0000
Mark Goodwin Mark Goodwin - Bug 1153444 - Fix up Key Pinning Telemetry (r=keeler)
ed6cdc6365d4bb40948bbfcf3c8181f3a2315a1b
created 2015-07-12 09:24 -0700
pushed 2015-07-12 16:26 +0000
Cykesiopka Cykesiopka - Bug 908125 - Reject BR EE certs with lifetimes greater than the BRs allow. draft
31d0ae4d8c62e08a17784a6be2ad185d6b2f4e23
created 2015-07-09 07:22 +0100
pushed 2015-07-09 19:29 +0000
Mark Goodwin Mark Goodwin - Bug 1159155 - Add telemetry probe for SHA-1 usage (r=keeler)
4d79e25e7a2f60874569d76bb9e915c328a65038
created 2015-06-21 21:44 -0700
pushed 2015-06-22 04:50 +0000
Cykesiopka Cykesiopka - Bug 1145679 - Reject EV status for end-entity EV certs with overly long validity periods. draft
1853f12d7d8c336d0689a8d3e0e21e174609f50a
created 2015-04-06 16:10 -0700
pushed 2015-05-15 17:17 +0000
David Keeler David Keeler - bug 1141189 - implement skipping expensive revocation checks (OCSP fetching) for short-lived certificates r=rbarnes
0511335a89fdad7bab8806a06512e5b05b38932a
created 2015-04-12 19:57 -1000
pushed 2015-04-14 14:16 +0000
Brian Smith Brian Smith - Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler
ac4464790ec4896a5188fa50cfc69ae0ffeddc08
created 2015-03-21 12:28 -0400
pushed 2015-03-23 03:02 +0000
Ehsan Akhgari Ehsan Akhgari - Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj
eee856befda3b54b11383be5192ce333de40ea08
created 2015-03-05 16:41 +0100
pushed 2015-03-06 10:32 +0000
Cykesiopka Cykesiopka - Bug 1139177 - RSA public key size checking cleanups. r=keeler
a20c7910a82fa2df2f3398c1108d102bac9128b0
created 2015-03-25 12:42 -0400
pushed 2015-05-10 10:26 +0000
Ehsan Akhgari Ehsan Akhgari - Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj
a76195f874dedc6d57c5b7fcae3f235634447ebf
created 2015-02-24 15:48 -0800
pushed 2015-05-10 10:26 +0000
David Keeler David Keeler - Bug 1049740 - Implement telemetry to measure compatibility impact of 2048-bit-minimum RSA keys. r=briansmith
f378b68991bca8a6711b54bfe11b09a65fc13d27
created 2014-12-11 23:22 -0800
pushed 2015-03-03 18:12 +0000
Brian Smith Brian Smith - Bug 1107666 - Fix OCSP stapling telemetry (SSL_OCSP_STAPLING). r=keeler, a=sledru
c6f3b60f6f8ab6a9c1d1918373968433d4e5e50b
created 2015-02-24 15:48 -0800
pushed 2015-02-27 21:58 +0000
David Keeler David Keeler - bug 1049740 - implement telemetry to measure compatibility impact of 2048-bit-minimum RSA keys r=briansmith
99f4f20645206379f887d0914e48745310cad12e
created 2015-02-14 16:59 -0800
pushed 2015-02-24 02:39 +0000
Brian Smith Brian Smith - Bug 1131767: Prune away paths using unacceptable algorithms earlier, r=keeler
63f7bbd24da3d620d9c0d076e01826a64aa7d268
created 2014-12-11 23:22 -0800
pushed 2015-02-19 22:06 +0000
Brian Smith Brian Smith - Bug 1107666 - Fix OCSP stapling telemetry (SSL_OCSP_STAPLING). r=keeler
5e39cbc525ad091f8ee8cd2a9fbfcf49f3e89c36
created 2015-02-07 12:14 -0800
pushed 2015-02-11 16:57 +0000
Brian Smith Brian Smith - Bug 1130754: Avoid recalculating tbsCertificate digest, r=keeler
3fe8d7d7f9f7373d0d3a3341d1a46347c06c85c7
created 2015-02-02 16:17 -0800
pushed 2015-02-11 16:57 +0000
Brian Smith Brian Smith - Bug 1122841, Part 2: Centralize checking of public key, r=keeler
fa67b437a89ab8590a5bcd3a91a4d779f716c6dd
created 2015-01-23 06:17 +0100
pushed 2015-02-05 16:04 +0000
TheKK TheKK - Bug 1092398 - "remove unused CertVerifier enums (missing_cert_download_config and crl_download_config)". r=honzab.moz
5f8dbb4956752d9759c92ac84b37c79d046805d2
created 2015-01-07 06:08 +0100
pushed 2015-01-09 19:06 +0000
Mark Goodwin Mark Goodwin - Bug 1024809 - (OneCRL) Create a blocklist mechanism to revoke intermediate certs. r=keeler r=Unfocused
5a082a183de4bc87e28ec3e29557162ed20fb632
created 2014-12-19 11:31 -0800
pushed 2014-12-21 23:30 +0000
David Keeler David Keeler - backout changeset 339049fcea42 (bug 1024809) for android and b2g bustage on a CLOSED TREE
339049fcea42e2454843b0f2752e41eadd3e8fe7
created 2014-12-19 10:22 -0800
pushed 2014-12-21 23:30 +0000
Mark Goodwin Mark Goodwin - Bug 1024809 - (OneCRL) Create a blocklist mechanism to revoke intermediate certs (r=keeler,Unfocused)
610eb25d2d63d18d7233d21aaf464471545ccab0
created 2014-12-11 23:22 -0800
pushed 2014-12-14 15:42 +0000
Brian Smith Brian Smith - Bug 1107666: Fix OCSP stapling telemetry (SSL_OCSP_STAPLING), r=keeler
7e582ef49f2f946f43eb2d1f59fce19f0294140a
created 2014-11-28 12:23 +0100
pushed 2014-11-28 14:54 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset b38a8e2203a1 (bug 1024809) for Android 4 perma failures
b38a8e2203a1633e984b30dd35d4bb201bd49e0c
created 2014-11-27 23:36 +0100
pushed 2014-11-28 14:54 +0000
Mark Goodwin Mark Goodwin - Bug 1024809 - (OneCRL) Create a blocklist mechanism to revoke intermediate certs. (r=keeler,Unfocused)
1e0e447828ec9f53faea43140a4de26865c9f221
created 2014-11-27 16:30 +0100
pushed 2014-11-28 14:54 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 761071f57ab6 (bug 1024809) for emulator ics bustage
761071f57ab615bfc6c93148ac9e07bab141257b
created 2014-11-27 04:12 +0100
pushed 2014-11-28 14:54 +0000
Mark Goodwin Mark Goodwin - Bug 1024809 - (OneCRL) Create a blocklist mechanism to revoke intermediate certs. r=keeler,Unfocused
1f599d357743c088c6e1237580d367a9c5a6278c
created 2014-07-18 11:48 -0700
pushed 2014-10-29 02:45 +0000
Brian Smith Brian Smith - Bug 1039064 - Use strongly-typed enum instead of NSPR-style error handling. r=keeler, a=lmandel
b8c9b76b6585da4b72cb4822185c4076299bbc9e
created 2014-09-15 15:57 -0400
pushed 2014-10-29 02:45 +0000
Ryan VanderMeulen Ryan VanderMeulen - Backed out 3 changesets (bug 1039064, bug 1040446, bug 1034124) for ASAN xpcshell hangs.
c7d17b1ecef843606092a04865ad4ae2644fc4af
created 2014-06-20 09:01 -0700
pushed 2014-10-29 02:45 +0000
David Keeler David Keeler - Bug 997509 - Heed expired Revoked or Unknown OCSP responses. r=briansmith, a=sledru
6830ccd24825195cc920c61a09283ea082f79949
created 2014-06-03 11:20 -0700
pushed 2014-10-29 02:45 +0000
Camilo Viecco Camilo Viecco - Bug 991815 - (mozilla::pkix) Allow 1 year old intermediate OCSP responses. r=keeler a=sledru
4c21b252632f4ce4600ff438efe8ce1b6b4d2a80
created 2014-06-03 13:34 -0700
pushed 2014-10-29 02:45 +0000
Camilo Viecco Camilo Viecco - Backed out changeset af7af149b5dd (burning aurora windows)
af7af149b5dd64cb14958a2932b208c6fa37d474
created 2014-06-03 11:20 -0700
pushed 2014-10-29 02:45 +0000
Camilo Viecco Camilo Viecco - Bug 991815 - (mozilla::pkix) Allow 1 year old intermediate OCSP responses. r=keeler a= sledru
f564fff0642cfbd82f7192d7e2d8b00610e16091
created 2014-10-18 15:18 +0200
pushed 2014-10-20 17:29 +0000
Cykesiopka Cykesiopka - Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith
209ec35a59c13bfccd4b5a787268cb4e1eaf1bb3
created 2014-10-17 13:14 +0200
pushed 2014-10-20 17:29 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests
3afdc3253979b356a146c55e49eb68eb48580927
created 2014-10-16 05:13 +0200
pushed 2014-10-20 17:29 +0000
Cykesiopka Cykesiopka - Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith
4f90b7fb1918462222c557100342cdd627e2f3f3
created 2014-09-25 11:18 -0700
pushed 2014-10-20 17:29 +0000
David Keeler David Keeler - bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco
a4a8b3b58191206f53748d823cf255fba4042253
created 2014-08-02 08:49 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1043041: Use mozilla::pkix::Time instead of PRTime, r=keeler
c989be71f8443b628a15cd0aab16f47de73d3582
created 2014-07-31 12:17 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1041186, Part 2: Rename Input to Reader and InputBuffer to Input, r=keeler
c04d170a0bd9ad169065d5546a1149554a543422
created 2014-07-18 22:30 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1041186, Part 1: Improve buffer overflow protection in mozilla::pkix, r=keeler
a6147f19dc56aecfcce19a019d8f966db8a32492
created 2014-07-20 11:06 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1041343: Use references instead of pointers for TrustLevel output parameters, r=cviecco
5f7dc391e8611d1f12f77d55f2c5a56ef8f6f29e
created 2014-07-18 11:48 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1039064: Use strongly-typed enum instead of NSPR-style error handling, r=keeler
83b81059b2a2c5af28632891978c3ee589958f0f
created 2014-07-15 19:49 -0400
pushed 2014-10-20 17:29 +0000
Cykesiopka Cykesiopka - Bug 360126 - Stop accepting certs that use RSA1023 or weaker; Original patch by Richard van den Berg. r=briansmith
2ea91aa53633847fb32c280a079d9a958534f215
created 2014-07-06 19:36 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1036105: Delegate digest operations to the TrustDomain in mozilla::pkix, r=keeler
578899c0b81952253e829c2e6fa8de1b83afe624
created 2014-07-10 19:00 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1036107, Part 1: Stop using CERTSignedData in mozilla::pkix, r=keeler
0ed88d692f42f34802beafcea77797f61c918155
created 2014-07-06 15:55 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1035009: Stop using CERTCertList in mozilla::pkix, r=keeler
44c19e8283c2b4e590b3ffdfbfbdef6f370056cc
created 2014-07-02 16:15 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1033563, Part 3: Change mozilla::pkix::TrustDomain::FindPotentialIssuers API to be iterator-like, r=keeler
911d02f2c02a13fbdf80083f6d00886e35523f20
created 2014-07-03 16:59 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1029247, Part 2: Parse certificates using mozilla::pkix::der, r=keeler
b3ebf7675c7bd1d85ed1b7290e1d2c3ae28a0490
created 2014-06-16 23:13 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 975229: Remove NSS-based certificate verification, r=keeler
3d54fd14fb9c6fce3336ea14831ff51b6bbc6b5d
created 2014-06-20 10:10 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1026261: Remove CERTCertificate from mozilla::pkix revocation checking API, r=keeler
31310e4551300a8dfa3c35042112900387826ee0
created 2014-06-20 09:01 -0700
pushed 2014-10-20 17:29 +0000
David Keeler David Keeler - bug 997509 - heed expired Revoked or Unknown OCSP responses r=briansmith
fa797212429e813a44f198c59763a44027a1cadc
created 2014-06-05 15:18 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1020683, Part 1: Remove internal uses of CERTCertificate from mozilla::pkix::VerifyEncodedOCSPResponse, r=keeler
44be87ea2e1be101218c3cb66032f599c465610a
created 2014-06-03 10:47 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1019814: Remove CERTCertificate dependency from TrustDomain::GetCertTrust, r=keeler
71b7b1f1e87bf233c4d08dd20e04372b1b751549
created 2014-05-30 16:12 -0700
pushed 2014-10-20 17:29 +0000
Camilo Viecco Camilo Viecco - Bug 991815 - Part 1/2 - Allow intermediate OCSP responses up to 1 year old. r=keeler
c288e2c355abaa840d36f1b754708bb466df767f
created 2014-05-21 15:42 -0700
pushed 2014-10-20 17:29 +0000
Camilo Viecco Camilo Viecco - Bug 1005142 - Part 1/2 - Add OCSP get capabilities to OCSPRequestor. r=keeler
a4ae7060f43ac1a4e49b30dfd7a95c5212940d4b
created 2014-05-15 18:59 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler
c968e47ef70893902ed49f65ade8a2ffe116ea11
created 2014-04-25 16:29 -0700
pushed 2014-10-20 17:29 +0000
Brian Smith Brian Smith - Bug 1002933: Use Strongly-typed enums more often in mozilla::pkix, r=mmc
less more (0) -60 tip