Remove EnableSha1ForLocalAnchors policy |
||||||
Issue descriptionWe added the EnableSha1ForLocalAnchors policy flag to allow enterprises to keep using SHA-1 certificates with their private PKI. We've stated[0] that we'll keep it around until at least January 1st 2019. This bug is to remind us to remove it in Chrome 72 [0] https://sites.google.com/a/chromium.org/dev/Home/chromium-security/education/tls/sha-1
,
Oct 23
Seems it is out of scope from TE end & , adding TE-NeedsTraige-help label to move this out of our triaging bucket. Could someone from dev team please take a look into this issue. Thanks..!
,
Oct 23
,
Nov 5
Friendly ping to get an update on this issue as it is marked as RBB. Thanks..!
,
Nov 12
Gentle ping to get an update as it is marked as RBB. Thanks..!
,
Nov 12
,
Nov 15
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/7c1505e569689947d209639c08def0c1a5cd26f7 commit 7c1505e569689947d209639c08def0c1a5cd26f7 Author: Ryan Sleevi <rsleevi@chromium.org> Date: Thu Nov 15 21:50:11 2018 Remove the EnableSha1ForLocalAnchors policy As documented in the policy notes and past announcements regarding SHA-1 deprecation, the ability to support SHA-1 for local trust anchors is going away in January 2019, which aligns with Chrome 72. This policy was introduced to provide an additional two years for Enterprises to migrate off their SHA-1 leaves and intermediates. Bug: 653687 Change-Id: I924202c7cbc40fc123221d8202886a974979158f Reviewed-on: https://chromium-review.googlesource.com/c/1331146 Reviewed-by: Pavol Marko <pmarko@chromium.org> Commit-Queue: Ryan Sleevi <rsleevi@chromium.org> Cr-Commit-Position: refs/heads/master@{#608529} [modify] https://crrev.com/7c1505e569689947d209639c08def0c1a5cd26f7/chrome/browser/policy/configuration_policy_handler_list_factory.cc [modify] https://crrev.com/7c1505e569689947d209639c08def0c1a5cd26f7/chrome/browser/ssl/ssl_browsertest.cc [modify] https://crrev.com/7c1505e569689947d209639c08def0c1a5cd26f7/chrome/browser/ssl/ssl_config_service_manager_pref.cc [modify] https://crrev.com/7c1505e569689947d209639c08def0c1a5cd26f7/chrome/browser/ssl/ssl_config_service_manager_pref_unittest.cc [modify] https://crrev.com/7c1505e569689947d209639c08def0c1a5cd26f7/chrome/common/pref_names.cc [modify] https://crrev.com/7c1505e569689947d209639c08def0c1a5cd26f7/chrome/common/pref_names.h [modify] https://crrev.com/7c1505e569689947d209639c08def0c1a5cd26f7/chrome/test/data/policy/policy_test_cases.json [modify] https://crrev.com/7c1505e569689947d209639c08def0c1a5cd26f7/components/policy/resources/policy_templates.json
,
Nov 21
rsleevi@: If there is no further work to be done here, can this be marked as Fixed?
,
Nov 26
|
||||||
►
Sign in to add a comment |
||||||
Comment 1 by awhalley@google.com
, Oct 11