Issue metadata
Sign in to add a comment
|
Security Panel: Don't call verified_scts "Valid" |
||||||||||||||||||||||||
Issue descriptionThe Security Panel currently says "2 valid SCTs", but that may be misleading. They are verified SCTs. For example, SCTs from logs which have been disqualified are still included in verified_scts as verified, but are not necessarily valid (the log is disqualified). It's mostly a semantic nit, but it's worth calling out that we include SCTs from disqualified logs (we've checked the signature, but the SCT is not treated as 'valid according to policy')
,
May 25 2016
Depends, what do you want "valid" to mean? :) The reason why I ask that question is that the validity of a given SCT is contextually dependent on the holistic set of SCTs - effectively, what the policy validator does. For example, we can know that a signature from a log we know about was correct. However, that log could have been disqualified - and whether or not that SCT contributed to being CT Qualified depends on how the SCT was delivered, when the certificate was issued, what other SCTs were present, etc. The set of signature verified SCTs are all in "verified_scts", but we don't and haven't tracked "the set of SCTs that enabled a certificate to be considered CT Qualified, and why".
,
May 27 2016
I have a simple cosmetic fix at https://codereview.chromium.org/2018863002 There is now quite a bit of C++ code and a DevTools protocol value that refers to SCTs with STATUS_OK as "valid" (in contrast with "invalid"). 1. Would you prefer we update all of that, too? (This requires a small workaround in DevTools for 3 months to accommodate the protocol in older versions of Chrome, but the workaround would be small.) 2. Should I change `SCT_STATUS_OK` (described in the enum as "The SCT is from a known log, and the signature is valid.") to `SCT_STATUS_VERIFIED` [1]? [1] https://code.google.com/p/chromium/codesearch#chromium/src/net/cert/sct_status_flags.h&l=28&q=%22SCT_STATUS_OK%20=%20%22&sq=package:chromium
,
May 27 2016
re: 1 Is this related to UI? re: 2 No, because that hasn't changed at all. I filed this bug primarily because you've wanted to use very precise language, and I wanted to make sure you & folks working on DevTools/security panel understood the distinction/edge case. The signature is valid. It's from a known log, but the log may have been disqualified. The SCT, if from a log that was disqualified, does not contribute to the positive trust status of the page. How to represent that, I don't really have a horse in the game. But it seemed your goal, in the Security Panel, was to list the SCTs positively contributing to trust of the page, but verified_scts doesn't provide that, only the policy validator can. Does that make more sense?
,
Jun 30 2016
Now that we have CT info in DevTools, we should remove the summary line, which would obsolete this change. mmccoy@, are you available for another DevTools change?
,
Aug 4 2016
I had a CL out and LGTMed, but it didn't land because I didn't catch that I needed to update tests (I just saw red trybots and kept trying :-/). Obsolete now, due to https://codereview.chromium.org/2208803002/ |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by lgar...@chromium.org
, May 24 2016