author Adam Langley <agl@google.com> 2014-11-12 16:34:22 -0800
committer Adam Langley <agl@google.com> 2014-11-13 00:35:34 +0000
commit 71c2b59bc4f1c613a88662ebece9180a88125b61 (patch)
tree 16c38fec1b80628feb96f2c26cf9dff7c9198ed1 /net/ssl
parent e5fd3d99ade77d8b9c3df54d6f4d6e8e7bcd9d6a (diff)
Show something more useful than the number of bits in the cipher key.
For a very long time, the first element in the security section of the Connection dialog says something like:

"Your connection to example.com is encrypted with 128-bit encryption"

This is useless because it makes people think that 256 bits must be better than 128. But AES-256-CBC is 256 bits and it's far worse than AES-128-GCM.

Also, we had a different message for when bits <= 80, but we don't support any of those ciphers any longer so that could never be triggered.

This change switches the message to simply say whether the cipher suite is decent or legacy. We use the same judgement function as the one for deciding whether a TLS connection is acceptable for HTTP/2. Basically, >= TLS 1.2, forward secure and using an AEAD cipher.

Since this text is two clicks down, users will probably never see it. But I'll stop being annoyed every time I see the old message.

BUG=none
R=felt@chromium.org

Review URL: https://codereview.chromium.org/703143003

Cr-Commit-Position: refs/heads/master@{#303935}
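The judgement described in the commit message (forward-secure key exchange plus an AEAD cipher, instead of key size), as an added example that is not Chromium's code. The table is a constructed sample of IANA cipher suite values, and `FindSuite`, `KeyBits` and `IsDecentSuite` are hypothetical names used only here.

```cpp
#include <cstdint>
#include <cstdio>

enum class Kx { RSA, DHE, ECDHE };
enum class Enc { CBC, GCM, CHACHA20_POLY1305 };

struct SuiteInfo {
  uint16_t id;       // IANA cipher suite value
  const char* name;  // IANA cipher suite name
  Kx kx;             // key exchange
  Enc enc;           // bulk cipher mode
  int key_bits;      // the number the old dialog text reported
};

// Constructed sample table for this example; not Chromium's data.
static const SuiteInfo kSuites[] = {
    {0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA", Kx::RSA, Enc::CBC, 128},
    {0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256", Kx::RSA, Enc::GCM, 128},
    {0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", Kx::DHE, Enc::GCM, 128},
    {0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", Kx::ECDHE, Enc::CBC, 256},
    {0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", Kx::ECDHE, Enc::GCM, 128},
    {0xCCA8, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", Kx::ECDHE,
     Enc::CHACHA20_POLY1305, 256},
};

const SuiteInfo* FindSuite(uint16_t id) {
  for (const SuiteInfo& s : kSuites)
    if (s.id == id) return &s;
  return nullptr;
}

int KeyBits(uint16_t id) {
  const SuiteInfo* s = FindSuite(id);
  return s ? s->key_bits : 0;
}

// Hypothetical stand-in for the judgement: forward-secure key exchange and
// an AEAD cipher. Suites missing from the table are treated as legacy.
bool IsDecentSuite(uint16_t id) {
  const SuiteInfo* s = FindSuite(id);
  if (!s) return false;
  const bool forward_secure = s->kx == Kx::DHE || s->kx == Kx::ECDHE;
  const bool aead = s->enc == Enc::GCM || s->enc == Enc::CHACHA20_POLY1305;
  return forward_secure && aead;
}

int main() {
  for (const SuiteInfo& s : kSuites)
    std::printf("%-45s %3d bits  %s\n", s.name, s.key_bits,
                IsDecentSuite(s.id) ? "decent" : "legacy");
  return 0;
}
```

AEAD cipher suites are only defined for TLS 1.2 and later, so the AEAD check also covers the version criterion the message mentions.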
Diffstat (limited to 'net/ssl')
-rw-r--r-- net/ssl/ssl_cipher_suite_names.h 2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ssl/ssl_cipher_suite_names.h b/net/ssl/ssl_cipher_suite_names.h
index 29c03a1..4e02fc6 100644
--- a/net/ssl/ssl_cipher_suite_names.h
+++ b/net/ssl/ssl_cipher_suite_names.h
@@ -55,7 +55,7 @@ NET_EXPORT bool ParseSSLCipherString(const std::string& cipher_string,
// Currently, this function follows these criteria:
// 1) Only uses forward secure key exchanges
// 2) Only uses AEADs
-NET_EXPORT_PRIVATE bool IsSecureTLSCipherSuite(uint16 cipher_suite);
+NET_EXPORT bool IsSecureTLSCipherSuite(uint16 cipher_suite);
} // namespace net
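Review bot: the comment above the changed IsSecureTLSCipherSuite declaration still says "Currently, this function follows these criteria" and lists only forward-secure key exchange and AEADs, but switching NET_EXPORT_PRIVATE to NET_EXPORT makes the function callable from outside net, so the criteria are now a contract that other components depend on. Consider extending that comment to say the result also drives the connection dialog wording (decent versus legacy), so anyone tightening the criteria for HTTP/2 knows the user-facing text changes with it. The commit message also names ">= TLS 1.2" as part of the judgement, while the function takes only a uint16 cipher_suite; it would help to state in the comment whether the version requirement is implied by criterion 2 or must be checked separately by the caller.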