Skip to content

GitLab

T
tangled
Commit ff77dbed authored by Ryan Sleevi's avatar Ryan Sleevi Committed by Commit Bot
Browse files
Options

Distrust the remainder of the Symantec Legacy PKI 

As previously communicated, and as documented at at
https://g.co/chrome/symantecpkicerts, certificates issued
by the Symantec Legacy PKI Infrastructure between
2016-06-01 and 2017-12-01 will no longer be trusted. This
changes the default state to remove trust in these
certificates. Certificates issued under the DigiCert
Managed PKI, or those from previously-identified,
independent third-party CAs, are not affected.

Bug: 796230, 805460
Change-Id: I74bdecc9dfdd66dec1a111f9eddb830babfa8222
Reviewed-on: https://chromium-review.googlesource.com/1134209
Commit-Queue: Nick Harper <nharper@chromium.org>
Reviewed-by: default avatarNick Harper <nharper@chromium.org>
Cr-Commit-Position: refs/heads/master@{#577764}
parent de9ac7cd
Hide whitespace changes
Inline Side-by-side
Showing with 1 addition and 1 deletion
net/cert/cert_verify_proc.cc
View file @ ff77dbed
...@@ -912,6 +912,6 @@ const base::Feature CertVerifyProc::kSHA1LegacyMode{ ...@@ -912,6 +912,6 @@ const base::Feature CertVerifyProc::kSHA1LegacyMode{
// static // static
const base::Feature CertVerifyProc::kLegacySymantecPKIEnforcement{ const base::Feature CertVerifyProc::kLegacySymantecPKIEnforcement{
"LegacySymantecPKI", base::FEATURE_DISABLED_BY_DEFAULT}; "LegacySymantecPKI", base::FEATURE_ENABLED_BY_DEFAULT};
} // namespace net } // namespace net
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment