security/certverifier/NSSCertDBTrustDomain.cpp
9bce48571e58ecd43272623e852db3b83c4f1ed4
created 2016-03-04 17:06 -0800
pushed 2016-03-14 17:48 +0000
David Keeler David Keeler - bug 1228175 - fix IsCertBuiltInRoot r?Cykesiopka r?mgoodwin draft
5c19306be55e240d32c7b36f39a06b640c69fce5
created 2016-01-28 10:36 -0800
pushed 2016-03-13 09:48 +0000
sajitk sajitk - Bug 1219482: Replace PRLogModuleInfo with LazyLogModule in security subdirectory.r=nfroyd
38bf4f8e55bcc609eaeda0e7b5666f91f82a9a6c
created 2016-03-09 14:22 -0800
pushed 2016-03-10 01:23 +0000
Wes Kocher Wes Kocher - Backed out changeset 490eb9194ae1 (bug 1228175) for TestIsCertBuiltInRoot failures on at least Android
6d8f0c8126ed7f15817cc012240b197320c347a3
created 2016-03-04 17:06 -0800
pushed 2016-03-08 00:02 +0000
David Keeler David Keeler - bug 1228175 - fix IsCertBuiltInRoot r?Cykesiopka r?mgoodwin draft
f2d5499330404d008c697f50f19e3b5ca1400e1b
created 2016-02-18 04:00 -0800
pushed 2016-02-18 12:03 +0000
Cykesiopka Cykesiopka - Bug 1248874 - Replace Scoped.h templates used only by PSM in ScopedNSSTypes.h with UniquePtr equivalents. draft
5e5b76d866341d47db93066b393af616b1e78f43
created 2016-01-29 10:15 -0800
pushed 2016-01-29 20:46 +0000
Wes Kocher Wes Kocher - Backed out changeset 7ec471c99263 (bug 1219482) to hopefully fix the intermittent hazard failures CLOSED TREE
7ec471c9926360990ad4ec55376c53b54638da3f
created 2016-01-28 10:36 -0500
pushed 2016-01-29 13:53 +0000
sajitk sajitk - Bug 1219482 - Replace PRLogModuleInfo with LazyLogModule in security subdirectory. r=froydnj
7824f1d4018a93ffcd7f7e7337e10aa5599e47e7
created 2016-01-13 12:50 -0800
pushed 2016-01-20 22:26 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r=rbarnes r=Cykesiopka r=mgoodwin draft
743e9951901489a781eeb252c41e90a5e32355cf
created 2016-01-13 12:50 -0800
pushed 2016-01-14 21:38 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r?rbarnes r?mgoodwin r?Cykesiopka draft
70bdf2f96258ead21ae3e9641bb67299ee3a62c2
created 2016-01-13 12:50 -0800
pushed 2016-01-14 20:14 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r?rbarnes r?mgoodwin r?Cykesiopka draft
6b9337f7d09d60be9dc61165aec9e1b77aec519f
created 2016-01-13 12:50 -0800
pushed 2016-01-13 21:48 +0000
David Keeler David Keeler - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r?rbarnes r?mgoodwin r?Cykesiopka draft
d7628ca83e108b55f5aca712db3df4bdf1892a77
created 2015-12-28 18:41 -0700
pushed 2016-01-13 13:04 +0000
Chris Peterson Chris Peterson - Bug 1235188 - Fix -Wformat warnings in security/certverifier/. r=keeler
1b5c9493e4e97d5039882ff861117dfe63380878
created 2015-12-25 00:03 -0700
pushed 2015-12-29 10:02 +0000
Chris Peterson Chris Peterson - Bug 1235308 - Fix -Wimplicit-fallthrough warnings in security/. r=keeler
63873a854287462ebc9e2075798e871e18382ae4
created 2015-11-13 07:42 +0100
pushed 2015-11-17 02:28 +0000
Cykesiopka Cykesiopka - Bug 1222903 - Reject EV status for EV EE certs that are valid for longer than 27 months as well. r=keeler
cfa10671a0340f98fa1fdc26fedd38e60b7c7d7a
created 2015-11-09 00:28 -0800
pushed 2015-11-09 08:38 +0000
Cykesiopka Cykesiopka - Bug 1222903 - Reject EV status for EV EE certs that are valid for longer than 27 months as well. draft
1178c817d71134e91070508c2b97e6be635358ad
created 2015-10-30 10:37 -0700
pushed 2015-11-04 00:04 +0000
David Keeler David Keeler - bug 1220223 - don't load PKCS11 modules in safe mode draft
0516d4db29a9d76361dd51331036e0b059b4dd60
created 2015-09-11 14:52 -0400
pushed 2015-09-14 03:00 +0000
Richard Barnes Richard Barnes - Bug 942515 - Show Untrusted Connection Error for SHA-1-based SSL certificates with notBefore >= 2016-01-01 r=keeler
fc86e9f2d6ea34b486058211fe468f4ada67f144
created 2015-08-21 15:14 +0100
pushed 2015-08-21 16:07 +0000
Mark Goodwin Mark Goodwin - Bug 1153444 - Fix up Key Pinning Telemetry (r=keeler)
4caca8feef1fe207d00a1f43bb6859db685000d5
created 2015-07-17 17:07 +0100
pushed 2015-07-17 18:52 +0000
Mark Goodwin Mark Goodwin - Bug 1183822 - fix OCSP verification failures (r=keeler)
99b36484d3bce5f278764fc617981560ca6b46a6
created 2015-07-17 10:36 +0100
pushed 2015-07-17 18:52 +0000
Mark Goodwin Mark Goodwin - Backed out changeset fb6cbb4ada54 (bug 1183822)
fb6cbb4ada544b1d4e690b8dad1e067c2e3e609b
created 2015-07-17 10:03 +0100
pushed 2015-07-17 18:52 +0000
Mark Goodwin Mark Goodwin - Bug 1183822 - fix OCSP verification failures (r=keeler)
1fe69c9d2eb125e4d63c0980c6ac186e0f70fafc
created 2015-07-16 10:04 +0100
pushed 2015-07-16 10:10 +0000
Mark Goodwin Mark Goodwin - Bug 1183822 - fix OCSP verification failures r?keeler draft
ed6cdc6365d4bb40948bbfcf3c8181f3a2315a1b
created 2015-07-12 09:24 -0700
pushed 2015-07-12 16:26 +0000
Cykesiopka Cykesiopka - Bug 908125 - Reject BR EE certs with lifetimes greater than the BRs allow. draft
31d0ae4d8c62e08a17784a6be2ad185d6b2f4e23
created 2015-07-09 07:22 +0100
pushed 2015-07-09 19:29 +0000
Mark Goodwin Mark Goodwin - Bug 1159155 - Add telemetry probe for SHA-1 usage (r=keeler)
a2b818a26d8528a8da37b16622e06df4d0c1676f
created 2015-06-29 22:19 +0200
pushed 2015-06-30 18:17 +0000
Cykesiopka Cykesiopka - Bug 1145679 - Reject EV status for end-entity EV certs with overly long validity periods. r=keeler
4d79e25e7a2f60874569d76bb9e915c328a65038
created 2015-06-21 21:44 -0700
pushed 2015-06-22 04:50 +0000
Cykesiopka Cykesiopka - Bug 1145679 - Reject EV status for end-entity EV certs with overly long validity periods. draft
f52c18aac7ce0949190da943ec5d4ee86627d0f8
created 2015-06-03 15:25 -0700
pushed 2015-06-04 18:32 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
3c8ed81098ddbe4a4c09e7aa652b5288dc4ce0d3
created 2015-06-02 13:05 +0200
pushed 2015-06-03 06:55 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out 14 changesets (bug 1165515) for linux x64 e10s m2 test failures
7c3b45a47811b55f4e973d996dd149c5d575721b
created 2015-06-01 22:17 -0700
pushed 2015-06-03 06:55 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
3f1f9238e02fe107701bf3ab4237c0cb3b125710
created 2015-06-01 17:57 -0700
pushed 2015-06-02 12:32 +0000
Wes Kocher Wes Kocher - Backed out 14 changesets (bug 1165515) for b2g mochitest-6 permafail CLOSED TREE
150606c022a29517f43ee6907075170db825c947
created 2015-06-01 14:31 -0700
pushed 2015-06-02 12:32 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 13-2: Replace usage of PRLogModuleLevel and PR_LOG_*. rs=froydnj
8a03e892db51e07a20a85f97abe073cee7be0fa0
created 2015-05-21 13:22 -0700
pushed 2015-05-22 20:04 +0000
Eric Rahm Eric Rahm - Bug 1165515 - Part 1: Convert PR_LOG to MOZ_LOG. r=froydnj
8e525037fc7aaebc9d4dc64b058dcdcfedb6dc80
created 2015-05-16 16:38 -0400
pushed 2015-05-18 13:06 +0000
Richard Barnes Richard Barnes - Backed out changeset fe10feec1ede because of OCSP test failures
fe10feec1edef68862f1733a65b0b0fd34c5a0ff
created 2015-05-15 16:17 -0400
pushed 2015-05-18 13:06 +0000
Richard Barnes Richard Barnes - Bug 1010068 - Disable OCSP for DV certificates in Firefox for Android r=keeler
1853f12d7d8c336d0689a8d3e0e21e174609f50a
created 2015-04-06 16:10 -0700
pushed 2015-05-15 17:17 +0000
David Keeler David Keeler - bug 1141189 - implement skipping expensive revocation checks (OCSP fetching) for short-lived certificates r=rbarnes
b46612a5525552a32c511d9b223e1e8291262a13
created 2015-05-07 11:06 -0700
pushed 2015-05-12 17:34 +0000
David Keeler David Keeler - bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames r=Cykesiopka
3cdce28ffcc6de50fac4fce22a8bca0a467db44b
created 2015-05-08 14:36 -0700
pushed 2015-05-11 03:41 +0000
Eric Rahm Eric Rahm - Bug 1162691 - Part 1: Remove instances of #ifdef PR_LOGGING in security. r=froydnj
a4e5010cb3d1ef01aecd5e7aee74b42670be5bc7
created 2015-05-07 18:54 +0100
pushed 2015-05-08 21:32 +0000
Mark Goodwin Mark Goodwin - Bug 1128607 - Add freshness check for OneCRL (r=keeler)
34c32b04a1d82813bdb22d68e86520d5834753fb
created 2015-04-27 17:01 -0700
pushed 2015-05-10 10:26 +0000
David Keeler David Keeler - Bug 1151512 - Restrict CNNIC-issued certificates to a whitelist. r=jcj, r=rbarnes, a=lizzard
03f55ec25d9a3378ea637e14a506a25ba0e4ee25
created 2015-02-26 04:38 +0100
pushed 2015-05-10 10:26 +0000
Mark Goodwin Mark Goodwin - Bug 1130757 - Move OneCRL check to NSSCertDBTrustDomain::GetCertTrust. r=dkeeler, a=sledru
a76195f874dedc6d57c5b7fcae3f235634447ebf
created 2015-02-24 15:48 -0800
pushed 2015-05-10 10:26 +0000
David Keeler David Keeler - Bug 1049740 - Implement telemetry to measure compatibility impact of 2048-bit-minimum RSA keys. r=briansmith
ba305ad16ad5f902e929419442c59f41ce4c7f46
created 2015-05-07 11:06 -0700
pushed 2015-05-07 18:28 +0000
David Keeler David Keeler - bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames
87995909a9acb1dc2003ed00d2960c294d5c6ba3
created 2015-04-22 14:56 -0700
pushed 2015-04-28 22:02 +0000
David Keeler David Keeler - bug 1102436 - remove PublicKeyPinningService::CheckChainAgainstAllNames draft
91f989aedf12563b1bb431adb87124b91af13a34
created 2015-04-23 20:26 -0400
pushed 2015-04-24 10:42 +0000
Richard Barnes Richard Barnes - Bug 1121982 - Update PSM to use NSS name constraints
c94a39913b477f2848a4a7ca68548008f5710d5e
created 2015-04-07 17:29 -0700
pushed 2015-04-17 22:13 +0000
David Keeler David Keeler - bug 1151512 - only allow whitelisted certificates to be issued by CNNIC root certificates r=jcj r=rbarnes
eac5e76f92805dd617f9afac4380f01efc15401e
created 2015-04-14 14:30 +0200
pushed 2015-04-14 14:16 +0000
Jan Beich Jan Beich - Bug 1154188 - Unbreak build on non-SPS platforms after bug 1153737 r=bsmith
0511335a89fdad7bab8806a06512e5b05b38932a
created 2015-04-12 19:57 -1000
pushed 2015-04-14 14:16 +0000
Brian Smith Brian Smith - Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler
aec63c4c2acd5ce1c200c5daea588ea67e3d2a94
created 2015-03-31 15:10 -0700
pushed 2015-03-31 23:02 +0000
Mark Goodwin Mark Goodwin - Bug 1138848 - Modify OneCRL blocklist for subject / public key blocking (r=keeler, unfocused)
eee856befda3b54b11383be5192ce333de40ea08
created 2015-03-05 16:41 +0100
pushed 2015-03-06 10:32 +0000
Cykesiopka Cykesiopka - Bug 1139177 - RSA public key size checking cleanups. r=keeler
54e086d2dcc345490a635adff2e5026f4f2aaa6d
created 2014-12-22 15:59 -0800
pushed 2015-03-03 18:12 +0000
Brian Smith Brian Smith - Bug 1107666, Part 2: Further fix for SSL_OCSP_STAPLING telemetry, r=keeler, a=lsblakk
f378b68991bca8a6711b54bfe11b09a65fc13d27
created 2014-12-11 23:22 -0800
pushed 2015-03-03 18:12 +0000
Brian Smith Brian Smith - Bug 1107666 - Fix OCSP stapling telemetry (SSL_OCSP_STAPLING). r=keeler, a=sledru
83c8e3ad6835efe962144396410bea2d5a612f28
created 2015-02-26 04:38 +0100
pushed 2015-03-03 15:29 +0000
Mark Goodwin Mark Goodwin - Bug 1130757 - Move OneCRL check to NSSCertDBTrustDomain::GetCertTrust. r=dkeeler
c6f3b60f6f8ab6a9c1d1918373968433d4e5e50b
created 2015-02-24 15:48 -0800
pushed 2015-02-27 21:58 +0000
David Keeler David Keeler - bug 1049740 - implement telemetry to measure compatibility impact of 2048-bit-minimum RSA keys r=briansmith
99f4f20645206379f887d0914e48745310cad12e
created 2015-02-14 16:59 -0800
pushed 2015-02-24 02:39 +0000
Brian Smith Brian Smith - Bug 1131767: Prune away paths using unacceptable algorithms earlier, r=keeler
b304acd94272071c734e6b81a3d4d02c132d3552
created 2014-12-22 16:02 -0800
pushed 2015-02-19 22:06 +0000
Brian Smith Brian Smith - Bug 1107666, Part 2: Further fix for SSL_OCSP_STAPLING telemetry, r=keeler, a=lsblakk
63f7bbd24da3d620d9c0d076e01826a64aa7d268
created 2014-12-11 23:22 -0800
pushed 2015-02-19 22:06 +0000
Brian Smith Brian Smith - Bug 1107666 - Fix OCSP stapling telemetry (SSL_OCSP_STAPLING). r=keeler
5e39cbc525ad091f8ee8cd2a9fbfcf49f3e89c36
created 2015-02-07 12:14 -0800
pushed 2015-02-11 16:57 +0000
Brian Smith Brian Smith - Bug 1130754: Avoid recalculating tbsCertificate digest, r=keeler
3fe8d7d7f9f7373d0d3a3341d1a46347c06c85c7
created 2015-02-02 16:17 -0800
pushed 2015-02-11 16:57 +0000
Brian Smith Brian Smith - Bug 1122841, Part 2: Centralize checking of public key, r=keeler
fa67b437a89ab8590a5bcd3a91a4d779f716c6dd
created 2015-01-23 06:17 +0100
pushed 2015-02-05 16:04 +0000
TheKK TheKK - Bug 1092398 - "remove unused CertVerifier enums (missing_cert_download_config and crl_download_config)". r=honzab.moz
5f8dbb4956752d9759c92ac84b37c79d046805d2
created 2015-01-07 06:08 +0100
pushed 2015-01-09 19:06 +0000
Mark Goodwin Mark Goodwin - Bug 1024809 - (OneCRL) Create a blocklist mechanism to revoke intermediate certs. r=keeler r=Unfocused
less more (0) -100 -60 tip