Google pins update (Nov 2016) |
||||||||||||
Issue descriptionThis bug exists to track the merging of an update to the Google pins. This change will be merged to all active branches so that we stop building binaries with the old pins ASAP. The old pins will expire ten weeks from the time of the last build.
,
Dec 7 2016
Requesting a merge to all active branches. This change adds the GlobalSign R2 CA certificate to the set of acceptable certificates for HTTPS connections to Google. Chrome (official builds only) have a 10 week built-in limit for how long they believe their pinning information to be valid. Thus every time we build a new official build, we reset the clock on when we can start changing our production certificates. Which is why this change needs to be merged to every branch that we might build from in the future.
,
Dec 7 2016
Your change meets the bar and is auto-approved for M56 (branch: 2924)
,
Dec 7 2016
[Automated comment] Request affecting a post-stable build (M55), manual review required.
,
Dec 7 2016
[Automated comment] We don't branch for M57 for another 42 days, was this request meant for M56?
,
Dec 7 2016
,
Dec 7 2016
(Still need review for M55.)
,
Dec 7 2016
+ Alex for Merge review as change is applicable to all os.
,
Dec 7 2016
,
Dec 7 2016
Merge approved for M55 branch 2883.
,
Dec 7 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/378d64878a6c9d888385ab87797351a3d1612a68 commit 378d64878a6c9d888385ab87797351a3d1612a68 Author: Adam Langley <agl@chromium.org> Date: Wed Dec 07 21:22:58 2016 Update Google pins. (Merge to 2883, i.e. M55.) This change adds the GlobalSign R2 root to the set of acceptable SPKIs for Google properties. BUG= 669560 Review-Url: https://codereview.chromium.org/2539853002 Cr-Commit-Position: refs/heads/master@{#436337} (cherry picked from commit 863fe2c9b4a76f0f0d09a17ce59beba2f001d015) Review URL: https://codereview.chromium.org/2553053004 . Cr-Commit-Position: refs/branch-heads/2883@{#719} Cr-Branched-From: 614d31daee2f61b0180df403a8ad43f20b9f6dd7-refs/heads/master@{#423768} [modify] https://crrev.com/378d64878a6c9d888385ab87797351a3d1612a68/net/http/http_security_headers_unittest.cc [modify] https://crrev.com/378d64878a6c9d888385ab87797351a3d1612a68/net/http/transport_security_state_static.h [modify] https://crrev.com/378d64878a6c9d888385ab87797351a3d1612a68/net/http/transport_security_state_static.json
,
Dec 7 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/8414ad60e501bdef71018598206d2d471f772310 commit 8414ad60e501bdef71018598206d2d471f772310 Author: Adam Langley <agl@chromium.org> Date: Wed Dec 07 21:42:21 2016 Update Google pins. (Merge to 2924, i.e. M56.) This change adds the GlobalSign R2 root to the set of acceptable SPKIs for Google properties. BUG= 669560 Review-Url: https://codereview.chromium.org/2539853002 Cr-Commit-Position: refs/heads/master@{#436337} (cherry picked from commit 863fe2c9b4a76f0f0d09a17ce59beba2f001d015) Review URL: https://codereview.chromium.org/2550093007 . Cr-Commit-Position: refs/branch-heads/2924@{#391} Cr-Branched-From: 3a87aecc31cd1ffe751dd72c04e5a96a1fc8108a-refs/heads/master@{#433059} [modify] https://crrev.com/8414ad60e501bdef71018598206d2d471f772310/net/http/http_security_headers_unittest.cc [modify] https://crrev.com/8414ad60e501bdef71018598206d2d471f772310/net/http/transport_security_state_static.h [modify] https://crrev.com/8414ad60e501bdef71018598206d2d471f772310/net/http/transport_security_state_static.json
,
Dec 7 2016
|
||||||||||||
►
Sign in to add a comment |
||||||||||||
Comment 1 by bugdroid1@chromium.org
, Dec 5 2016