diff options
| author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-14 23:49:19 +0000 |
|---|---|---|
| committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-14 23:49:19 +0000 |
| commit | 0374b299997a8bd265a7f79cc06f79e7892a0ac7 (patch) | |
| tree | e6df89d8a3dd741026b39442ffed95b30835b075 /chrome/app | |
| parent | b31844be04ffac8e67d5f302c3bad5b28e1dec79 (diff) | |
| download | chromium_src-0374b299997a8bd265a7f79cc06f79e7892a0ac7.zip chromium_src-0374b299997a8bd265a7f79cc06f79e7892a0ac7.tar.gz chromium_src-0374b299997a8bd265a7f79cc06f79e7892a0ac7.tar.bz2 | |
Add new certificate error code
ERR_CERT_WEAK_SIGNATURE_ALGORITHM and certificate status
flag CERT_STATUS_WEAK_SIGNATURE_ALGORITHM. Note that I
didn't add new load flag
LOAD_IGNORE_CERT_WEAK_SIGNATURE_ALGORITHM.
Allow users to accept MD2 certificates as certificates
signed using a weak signature algorithm. MD4 certificates
are still treated as invalid certificates.
R=jar,jcampan
BUG=http://crbug.com/18725
TEST=none
Review URL: http://codereview.chromium.org/165504
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@23497 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/app')
| -rw-r--r-- | chrome/app/generated_resources.grd | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd index e2026c3..62860a8 100644 --- a/chrome/app/generated_resources.grd +++ b/chrome/app/generated_resources.grd @@ -1927,6 +1927,19 @@ each locale. --> Server's certificate is invalid </message> + <message name="IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_TITLE" desc="Title of the error page for a certificate signed using a weak signature algorithm"> + The site's security certificate is signed using a weak signature algorithm! + </message> + <message name="IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DETAILS" desc="Details of the error page for a certificate signed using a weak signature algorithm"> + You attempted to reach <strong><ph name="DOMAIN">$1<ex>paypal.com</ex></ph></strong>, but the server presented a certificate signed using a weak signature algorithm. This means that the security credentials the server presented could have been forged, and the server may not be the server you expected (you may be communicating with an attacker). You should not proceed. + </message> + <message name="IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_EXTRA_INFO_2" desc="2nd paragraph of extra information for a X509 certificate signed using a weak signature algorithm"> + In this case, the server certificate or an intermediate CA certificate presented to your browser is signed using a weak signature algorithm such as RSA-MD2. Recent research by computer scientists showed the signature algorithm is weaker than previously believed, and the signature algorithm is rarely used by trustworthy websites today. This certificate could have been forged. You should not proceed past this point. + </message> + <message name="IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DESCRIPTION" desc="Description of the error page for a certificate signed using a weak signature algorithm"> + Server's certificate is signed using a weak signature algorithm + </message> + <message name="IDS_CERT_ERROR_UNKNOWN_ERROR_TITLE" desc="Title of the error page for an unknown ssl error"> Unknown server certificate error </message> |