diff options
| author | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-08-07 00:28:59 +0000 |
|---|---|---|
| committer | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-08-07 00:28:59 +0000 |
| commit | 47ea65f514d695a05e1d957be9b17cde2ac51f33 (patch) | |
| tree | 358edebf16e3292a4389125a5a4e651601678c50 /chrome/app/policy | |
| parent | 2106b2c5b24189a3c566dd2253df7c5d6e547d27 (diff) | |
| download | chromium_src-47ea65f514d695a05e1d957be9b17cde2ac51f33.zip chromium_src-47ea65f514d695a05e1d957be9b17cde2ac51f33.tar.gz chromium_src-47ea65f514d695a05e1d957be9b17cde2ac51f33.tar.bz2 | |
Add an enterprise policy preference for requiring revocation checks (hard fail) for local anchors
BUG=258642
Review URL: https://chromiumcodereview.appspot.com/18959003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@216045 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/app/policy')
| -rw-r--r-- | chrome/app/policy/policy_templates.json | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/chrome/app/policy/policy_templates.json b/chrome/app/policy/policy_templates.json index 795679d..1cc9245 100644 --- a/chrome/app/policy/policy_templates.json +++ b/chrome/app/policy/policy_templates.json @@ -117,7 +117,7 @@ # persistent IDs for all fields (but not for groups!) are needed. These are # specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs, # because doing so would break the deployed wire format! -# For your editing convenience: highest ID currently used: 234 +# For your editing convenience: highest ID currently used: 235 # # Placeholders: # The following placeholder strings are automatically substituted: @@ -3248,6 +3248,24 @@ If the policy is not set, or is set to false, then Chrome will not perform online revocation checks in Chrome 19 and later.''', }, { + 'name': 'RequireOnlineRevocationChecksForLocalAnchors', + 'type': 'main', + 'schema': { 'type': 'boolean' }, + 'supported_on': ['chrome_os:0.30-', 'chrome.linux:30-', 'chrome.win:30-'], + 'features': { + 'dynamic_refresh': True, + 'per_profile': False, + }, + 'example_value': False, + 'id': 235, + 'caption': '''Whether online OCSP/CRL checks are required for local trust anchors''', + 'desc': '''When this setting is enabled, <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> will always perform revocation checking for server certificates that successfully validate and are signed by locally-installed CA certificates. + + If <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> is unable to obtain revocation status information, such certificates will be treated as revoked ('hard-fail'). + + If this policy is not set, or it is set to false, then Chrome will use the existing online revocation checking settings.''', + }, + { 'name': 'ReportDeviceVersionInfo', 'type': 'main', 'schema': { 'type': 'boolean' }, |