From b736e5057cbfaf261c36d61cbc3b8018d202c0a5 Mon Sep 17 00:00:00 2001
From: "agl@chromium.org"
 <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Thu, 14 Oct 2010 18:23:54 +0000
Subject: net: update DNSSEC chain embedded extension OID.

We now have an assigned OID in the Google corporate OID subspace.

BUG=none
TEST=none

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@62593 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/socket/ssl_client_socket_nss.cc | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'net/socket')

diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index aa8c7fc..9766654 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -2202,9 +2202,10 @@ static DNSValidationResult CheckDNSSECChain(
   if (!dnssec_chain_tag_valid) {
     // It's harmless if multiple threads enter this block concurrently.
     static const uint8 kDNSSECChainOID[] =
-        // 1.3.6.1.4.1.11129.13172
-        // (iso.org.dod.internet.private.enterprises.google.13172)
-        {0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0xe6, 0x74};
+        // 1.3.6.1.4.1.11129.2.1.4
+        // (iso.org.dod.internet.private.enterprises.google.googleSecurity.
+        //  certificateExtensions.dnssecEmbeddedChain)
+        {0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x01, 0x04};
     SECOidData oid_data;
     memset(&oid_data, 0, sizeof(oid_data));
     oid_data.oid.data = const_cast<uint8*>(kDNSSECChainOID);
-- 
cgit v1.1