Issue metadata
Sign in to add a comment
|
Deprecate DHE-based ciphers |
||||||||||||||||||||||||||||||||||||||||||||
Issue description(See http://www.chromium.org/blink#launch-process for an overview) Change description: Officially deprecate DHE-based ciphers and add a JS console warning in DevTools. See https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/dYyhKHPnrI0/pNxx8vTKBAAJ for earlier "pre-"Intent. (Will send out another one with the right format to dot i's and cross t's.) Changes to API surface: None, just a JS console warning. We'll remove it in a later release. When DHE is removed, we'll stop advertising DHE-based ciphers. It is expected that the vast majority of DHE-based Links: Public standards discussion: None Support in other browsers: Internet Explorer: DHE is still supported Firefox: DHE is still supported Safari: DHE has been removed *Make sure to fill in any labels with a -?, including all OSes this change affects. Feel free to leave other labels at the defaults.
,
Jun 28 2016
+awhalley, can we close this one? There's a separate launch bug ( issue #619194 ) for the removal.
,
Jun 28 2016
Looks good. Moving to Verified as I've confirmed that I'm seeing the console warning when visiting https://dh2048.badssl.com/ in M51
,
Jul 28 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/661e32a163aa0561de98a31e3d0bc43314e301dc commit 661e32a163aa0561de98a31e3d0bc43314e301dc Author: jam <jam@chromium.org> Date: Thu Jul 28 21:20:44 2016 Remove one content::SSLStatus usage in the renderer. Move the console warning when visiting localhost sites with bad certs can be done in the browser. Also remove the DHE warning since it's not needed anymore per the bug. BUG=598073, 598109 Review-Url: https://codereview.chromium.org/2190783002 Cr-Commit-Position: refs/heads/master@{#408474} [modify] https://crrev.com/661e32a163aa0561de98a31e3d0bc43314e301dc/chrome/browser/ui/tab_contents/core_tab_helper.cc [modify] https://crrev.com/661e32a163aa0561de98a31e3d0bc43314e301dc/chrome/browser/ui/tab_contents/core_tab_helper.h [modify] https://crrev.com/661e32a163aa0561de98a31e3d0bc43314e301dc/chrome/renderer/chrome_render_frame_observer.cc [modify] https://crrev.com/661e32a163aa0561de98a31e3d0bc43314e301dc/chrome/renderer/chrome_render_frame_observer.h [modify] https://crrev.com/661e32a163aa0561de98a31e3d0bc43314e301dc/content/public/renderer/render_view.h [modify] https://crrev.com/661e32a163aa0561de98a31e3d0bc43314e301dc/content/renderer/render_view_browsertest.cc [modify] https://crrev.com/661e32a163aa0561de98a31e3d0bc43314e301dc/content/renderer/render_view_impl.cc [modify] https://crrev.com/661e32a163aa0561de98a31e3d0bc43314e301dc/content/renderer/render_view_impl.h |
|||||||||||||||||||||||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||||||||||||||||||||||
Comment 1 by bugdroid1@chromium.org
, Apr 3 2016