diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-11 19:50:02 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-11 19:50:02 +0000 |
| commit | b2471359cfbd4f7b9621ba2542b947841bfadb27 (patch) | |
| tree | 241b1e8c58a26a5bbfb1df3c9f5d342c492ad693 /chrome/browser/browser_main.cc | |
| parent | 1b3db78c4451a755eeaadc4cedceccd9e91724c8 (diff) | |
| download | chromium_src-b2471359cfbd4f7b9621ba2542b947841bfadb27.zip chromium_src-b2471359cfbd4f7b9621ba2542b947841bfadb27.tar.gz chromium_src-b2471359cfbd4f7b9621ba2542b947841bfadb27.tar.bz2 | |
net: add embedded DNSSEC chain support.
Now that the DNS root is signed we have a good trust path in several
TLDs (including .org). This patch enables self-signed certificates to
include a DNSSEC chain as an extension which proves a CERT record,
containing the fingerprint of the public key.
The format of the chain is still undecided, so this is only enabled
with --enable-dnssec-certs.
BUG=none
TEST=net_unittests
http://codereview.chromium.org/2806076
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55771 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/browser_main.cc')
| -rw-r--r-- | chrome/browser/browser_main.cc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/chrome/browser/browser_main.cc b/chrome/browser/browser_main.cc index 6b29674..fc6511b 100644 --- a/chrome/browser/browser_main.cc +++ b/chrome/browser/browser_main.cc @@ -175,6 +175,9 @@ void BrowserMainParts::EarlyInitialization() { PrefetchFieldTrial(); InitializeSSL(); + if (parsed_command_line().HasSwitch(switches::kEnableDNSSECCerts)) + net::SSLConfigService::EnableDNSSEC(); + PostEarlyInitialization(); } |