New issue
Advanced search Search tips

Issue 654264 link

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 654306
Owner: ----
Closed: Oct 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug



Sign in to add a comment

Certificate Transparency - GDCA CT Log Server Inclusion

Reported by hanjie77...@gmail.com, Oct 9 2016

Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36

Steps to reproduce the problem:
Log Server URL: https://ctlog.gdca.com.cn/ct/v1
HTTPS supported: yes
MMD: 24 hours

Contact Information:
- email: capoc@gdca.com.cn;
- phone number:  +86(20)83487228-805
- Log Operator: GDCA

Server public key: Attached file: gdca-ct-key-public.pem
Accepted Roots: Attached file: gdca-trusted-roots.pem

the "Merge Delay Monitor Root" already add in the trusted roots file.

Log Description and Policy: Currently, the only policy in place is that the certificate chain to a publicly trusted root certificate.  However, during the testing and log inclusion process, we are only including the GDCA trusted roots as authorized. Additional root entries will be evaluated after receiving an inclusion request. We will likely develop our policies further based on the results from the discussions in the Trans working group and our own internal policies.  Such policies may include an enforcement of BR and EV standards, a requirement for at least organizational vetting on the certificate, minimum key sizes and hash algorithms, and similar checks.

What is the expected behavior?

What went wrong?
The GDCA CT Log Server is ready to be included in the Chrome and Chromium browsers.

Did this work before? N/A 

Chrome version: 52.0.2743.82  Channel: n/a
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: Shockwave Flash 23.0 r0
 
gdca-ct-public-key.pem
178 bytes Download
gdca-trusted-roots.pem
4.0 KB Download

Comment 2 Deleted

This issue is not a type of security one. I had open a new bug that is not a security one. Thank you!
Components: Internals>Network>CertTrans Internals>Network>SSL
Labels: -Type-Bug-Security -OS-Windows -Restrict-View-SecurityTeam -Arch-x86_64 OS-All Type-Bug
Removing security flags.

Comment 6 by mmenke@chromium.org, Oct 10 2016

Mergedinto: 654306
Status: Duplicate (was: Unconfirmed)

Sign in to add a comment