diff options
| author | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-22 02:31:52 +0000 |
|---|---|---|
| committer | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-22 02:31:52 +0000 |
| commit | a9ec0b5dae2c77a4d722d1a9750d2c2659dfb168 (patch) | |
| tree | a3620a3fc0eb956099e53ecdc3398e7bc66b3a9d /third_party/apple_apsl | |
| parent | 9543a854a079e2dfc35d4aed1f85fbad133bfc61 (diff) | |
| download | chromium_src-a9ec0b5dae2c77a4d722d1a9750d2c2659dfb168.zip chromium_src-a9ec0b5dae2c77a4d722d1a9750d2c2659dfb168.tar.gz chromium_src-a9ec0b5dae2c77a4d722d1a9750d2c2659dfb168.tar.bz2 | |
Address post-review feedback for r81702.
On Mac, if certificate revocation checking is disabled in the preferences, absolutely no revocation checking will occur, which now also includes bypassing/ignoring the local CRL and OCSP caches.
R=wtc
BUG=78523
TEST=none
Review URL: http://codereview.chromium.org/6879095
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@82617 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'third_party/apple_apsl')
| -rw-r--r-- | third_party/apple_apsl/README.chromium | 10 | ||||
| -rw-r--r-- | third_party/apple_apsl/cssmapplePriv.h | 7 |
2 files changed, 9 insertions, 8 deletions
diff --git a/third_party/apple_apsl/README.chromium b/third_party/apple_apsl/README.chromium index b2d1ca9..f183768 100644 --- a/third_party/apple_apsl/README.chromium +++ b/third_party/apple_apsl/README.chromium @@ -38,6 +38,14 @@ Modifications: cssmapplePriv.h from: http://www.opensource.apple.com/source/libsecurity_cssm/libsecurity_cssm-31536/lib/cssmapplePriv.h +Warning: Technically, this is a private Apple header, and as such provides no +guarantee for API stability. However, the use of this header is the only way +to implement OCSP checking per Apple's public documentation on the usage of +their Trust Policy Module. Further, the use of this private header is the +recommended approach from Apple for modifying OCSP policies. + +See: http://developer.apple.com/documentation/Security/Reference/SecAppleTrustPolicyModuleSpec/Apple_Trust_Policy_Module_Functional_Specification.pdf +and http://lists.apple.com/archives/apple-cdsa/2008/Aug/msg00008.html + Modifications: - Removed unneeded definitions for internal Apple CSP DL enums and structs -- Added a comment explaining its usage
\ No newline at end of file diff --git a/third_party/apple_apsl/cssmapplePriv.h b/third_party/apple_apsl/cssmapplePriv.h index 45151d6..18092bd 100644 --- a/third_party/apple_apsl/cssmapplePriv.h +++ b/third_party/apple_apsl/cssmapplePriv.h @@ -22,13 +22,6 @@ * * cssmapplePriv.h -- Private CSSM features specific to Apple's Implementation */ - -/* Though this is a private header, it is the recommended means by Apple for - * configuring OCSP options, as the required structures that are documented - * as part of their public API, at: - * http://developer.apple.com/documentation/Security/Reference/SecAppleTrustPolicyModuleSpec/Apple_Trust_Policy_Module_Functional_Specification.pdf - * See also http://lists.apple.com/archives/apple-cdsa/2008/Aug/msg00008.html - */ #ifndef _CSSMAPPLE_PRIV_H_ #define _CSSMAPPLE_PRIV_H_ 1 |