[ios] Removed CRLSets usage for WKWebView.

SecTrust API is used to make load/no-load decision for certs, while
CertVerifier is used to get rejection reason. Using CRLSets to get
rejection reason is impractical, because iOS blacklist is very
different from Chrome blacklist as well as cost to store CRLSets on
disk is very high.

BUG=None

Review URL: https://codereview.chromium.org/1465513002

Cr-Commit-Position: refs/heads/master@{#361212}
(cherry picked from commit c8fa67cfb0a220dc259cd433c2f5496b6fb80cbc)

Review URL: https://codereview.chromium.org/1506923002 .

Cr-Commit-Position: refs/branch-heads/2526@{#506}
Cr-Branched-From: cb947c0153db0ec02a8abbcb3ca086d88bf6006f-refs/heads/master@{#352221}

1 files changed, 2 insertions, 2 deletions

diff --git a/ios/web/net/crw_cert_verification_controller.mm b/ios/web/net/crw_cert_verification_controller.mm
index 42d3738..a2036dd 100644
--- a/ios/web/net/crw_cert_verification_controller.mm
+++ b/ios/web/net/crw_cert_verification_controller.mm
@@ -18,7 +18,6 @@
 #include "ios/web/public/web_thread.h"
 #import "ios/web/web_state/wk_web_view_security_util.h"
 #include "net/cert/cert_verify_result.h"
-#include "net/ssl/ssl_config_service.h"
 #include "net/url_request/url_request_context.h"
 #include "net/url_request/url_request_context_getter.h"
 
@@ -430,8 +429,9 @@ decideLoadPolicyForAcceptedTrustResult:(SecTrustResultType)trustResult
         web::CertVerifierBlockAdapter::Params params(
             blockCert.Pass(), base::SysNSStringToUTF8(host));
         params.flags = self.certVerifyFlags;
-        params.crl_set = net::SSLConfigService::GetCRLSet();
         // OCSP response is not provided by iOS API.
+        // CRLSets are not used, as the OS is used to make load/no-load
+        // decisions, not the CertVerifier.
         _certVerifier->Verify(params, ^(net::CertVerifyResult result, int) {
           completionHandler(result, YES);
         });