Issue 702062

Starred by 9 users

Issue metadata

Status: Verified
Owner:
Closed: May 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux, Android, Windows, iOS, Chrome, Mac
Pri: 3
Type: Task



Move CTKnownLogs out of //net

Project Member Reported by rsleevi@chromium.org, Mar 16 2017

Issue description

The set of hardcoded logs is only truly safe for clients that support regular auto-updates on the Chromium branch cadence. To minimize risk to the CT ecosystem and to clients, we should move the CT Known Logs list out of //net.

The most likely candidate is //chrome/browser/net, which is specific to the Chromium browser source for Chrome. This means that //android_webview and //ios won't be able to depend on the set of known logs. It also means that URLBrowserContextBuilder instantiations outside of //chrome won't be able to pick up CT information, which could mean less enforcement in some cases.

On the other hand, including it in //net sees greater risk of ossification of the known logs, which can prevent effective discussions and explorations into the log update cycle and whether to shorten compliance monitoring periods. Given that we keep exploring policy issues, we should uplift the API to make it a bit safer until some of the broader feedback, especially from other UAs, provides a better sense of the needs of a multi-vendor approach to managing the CT log list.
 

Comment 1 by mmenke@chromium.org, Mar 20 2017

Cc: mmenke@chromium.org
Worth noting with servicification of net, these would either have to go in the Chrome process or the network process. chrome/browser/net will probably mostly end up in Chrome/, since the current goal is to have Chrome things on the Chrome side of the Mojo network API. To make things safest for embedders, this may be the way to go, though it does mean we either need to inject them into the network process (which seems like a waste of memory), or have the network service run async queries across a mojo interface (which could involve same-process or even same-thread hops, but would still be an extra hop).

I'm still skeptical of this goal, but thought I'd bring it up.

You mentioned being skeptical of this goal - could you explain?

And yes, the thought is that this is configuration information that should be injected in, as all embedders would need. Why would you say it seems like a waste of memory? This is no different than how it's done today, so hopefully you can expand.

Comment 3 by mmenke@chromium.org, Mar 21 2017

I assume that currently we access the raw structure compiled into the binary. If we had to send it to the network stack through mojo, we'd need to make another copy of it for the network process. As I recall, these data structures showed up as being a fairly significant chunk of net's binary size, when built as a library.

I'm skeptical that no Chrome code will end up in the network process, just because of performance (I'm also skeptical of the proposed timeline, and if it takes too long, that could also reduce the amount of code that the team chooses to completely rewrite to isolate Chrome and network code). Of course, I could certainly be wrong.

> I assume that we currently access the raw structure compiled into the binary.

I'm not sure what you meant here. Did you check the header? Access is done via CreateLogVerifiersForKnownLogs()

> As I recall, these data structures showed up as being a fairly significant chunk of net's binary size, when built as a library.

No, this wasn't correct. The issue for Cronet was simply that, through an artifact of the linker, much of the code was being linked out, despite being compiled in. The change to require a CT policy prevented the linker from eliding this code, thus manifesting. However, the structures I'm discussing have never shown up as a significant cause.

> I'm skeptical that no Chrome code will end up in the network process

Apologies, but I'm still not understanding your point here. I think the goal is to help make sure that policies and code that rely on //chrome implementation details indirectly (see //net/docs) may be better suited for //chrome. Despite it being safe and possible to use outside of //chrome - and having a common implementation in //net simplifies things, it's erring on the side of caution to at least provide some source-level signal of the intent.

I don't believe anything meaningfully changes here with servification, but perhaps reading the header will have you agreeing?

Comment 5 by mmenke@chromium.org, Mar 21 2017

Ah, sorry, you're right, I was getting this confused with the HSTS + HPKP table.

But my point in the servicification thing was that if Chrome code does end up in the network service (Which would be initialized in chrome/net or somesuch), then this could in fact end up being initialized in the network process.

Comment 6 by bugdroid1@chromium.org, Apr 18 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d0468f756ffe482d989accc2cd30b821c20e3ac8

commit d0468f756ffe482d989accc2cd30b821c20e3ac8
Author: Ryan Sleevi <rsleevi@chromium.org>
Date: Wed Apr 18 06:42:14 2018

Expose the CT Log information directly

To better support network S13N, expose the CT log information
directly via the //net API, rather than constructing
CTLogVerifiers. This is part of an overall cleanup of the
ct_known_logs as part of uplifting it out of //net.

BUG= 702062 

Change-Id: I6abb95351d3b7c6c32c8247a03da55776d80b817
Reviewed-on: https://chromium-review.googlesource.com/1015061
Commit-Queue: Ryan Sleevi <rsleevi@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Cr-Commit-Position: refs/heads/master@{#551600}
[modify] https://crrev.com/d0468f756ffe482d989accc2cd30b821c20e3ac8/net/cert/ct_known_logs.cc
[modify] https://crrev.com/d0468f756ffe482d989accc2cd30b821c20e3ac8/net/cert/ct_known_logs.h
[modify] https://crrev.com/d0468f756ffe482d989accc2cd30b821c20e3ac8/net/cert/ct_known_logs_unittest.cc
[modify] https://crrev.com/d0468f756ffe482d989accc2cd30b821c20e3ac8/net/cert/ct_log_verifier.cc
[modify] https://crrev.com/d0468f756ffe482d989accc2cd30b821c20e3ac8/net/cert/ct_log_verifier.h
[modify] https://crrev.com/d0468f756ffe482d989accc2cd30b821c20e3ac8/net/tools/ct_log_list/make_ct_known_logs_list.py

Could this be done in such a way that it allows the log list to be changed at runtime please? That'd be helpful in certificate_transparency_browsertest.cc as we could make that test use either a static list or a list of test logs (https://cs.chromium.org/chromium/src/chrome/browser/ssl/certificate_transparency_browsertest.cc?l=160&rcl=febc3ce9dab6ea148895e1d8c311b6327d4c3c84).

Yes, that's being done, both for in-process and for S13N.

Comment 9 by bugdroid1@chromium.org, Apr 23 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/625078018211aecfa2f3a120aae9a965a128b9c7

commit 625078018211aecfa2f3a120aae9a965a128b9c7
Author: Ryan Sleevi <rsleevi@chromium.org>
Date: Mon Apr 23 17:07:15 2018

Update Certificate Transparency documentation for M68

Update the documentation regarding Certificate Transparency
to provide guidance for site operators and enterprises about
what CT is, as well as what options exist.

Further update the documentation regarding CT for Chromium
and //net embedders regarding best practices.

BUG= 702062 

Change-Id: Ide4fbdc3958f4994cacd4355021b8808a951ab4c
Reviewed-on: https://chromium-review.googlesource.com/1017940
Reviewed-by: Ryan Sleevi <rsleevi@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Commit-Queue: Ryan Sleevi <rsleevi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#552735}
[modify] https://crrev.com/625078018211aecfa2f3a120aae9a965a128b9c7/net/docs/certificate-transparency.md

Comment 10 by bugdroid1@chromium.org, May 9 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664

commit 8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664
Author: Ryan Sleevi <rsleevi@chromium.org>
Date: Wed May 09 02:36:23 2018

Refactor Certificate Transparency policy enforcement in //net

The current structure of //net is that there is a base
CTPolicyEnforcer that implements the "CT in Chrome" policy documented
at https://github.com/chromium/ct-policy/blob/master/ct_policy.md ,
and embedders or implementors that wish to override this can derive
from this base and override the concrete virtual method.

However, the CT policy expressed by the CTPolicyEnforcer is
intrinsically tied to the set of logs - both notions like "one Google,
and one non-Google log" (from the policy), but also the ability to
update and maintain those logs over the lifetime of the product. While
this is true for Chrome, this is not true for a number of embedders.

As part of moving the CT configuration 'out' of //net and closer to
the product-level configuration, this changes the CTPolicyEnforcer
to be a pure virtual base, and provides a DefaultCTPolicyEnforcer that
always treats the build as 'out of date' (equivalent to not making any
statement about CT, as it lacks timely details about the logs or the
status of the policy). Because EV treatment right now is mixed between
the cert layer (which flags CERT_STATUS_IS_EV) and the socket layer
(which removes CERT_STATUS_IS_EV if not CT qualified), the socket layer
is updated to allow 'out of date' CT status to grant EV. A future change
will move the EV policy check out of the socket and closer to the CT
policy, so that embedders like Chrome/Chromium can ensure an out of
date log list can result in EV status removal.

The Chrome-specific policy is now moved into
//components/certificate_transparency, the highest it can be moved while
still being usable by the Network Service. The Network Service gains a
new configuration parameter to configure enforcement of the Chrome CT
policy, which works for both the in-process URLRequestContext used by
Chrome and the out-of-process Network Service, as a temporary solution.

This is a significant change in the API contract of the
URLRequestContextBuilder, as it's now effectively moving to disable
CT-by-default for //net embedders other than Chrome/Chromium. This is
intentional, as the widescale rollout of enforcing CT is coupled to
reliable and rapid update mechanisms, and having stale clients with
old lists of logs or old policies can negatively impact the CT
ecosystem - both site operators worried about compatibility with these
products and for CAs wanting to ensure their certificates reliably work.

Mobile versions of Chrome/Chromium are, for the time being, also moved to
disable enforcement, similar to how static HPKP is disabled for Android
and iOS. Additional work will be done to ensure that the list of logs
is reliably updatable for these clients, which will then facilitate
enabling CT enforcement.

BUG= 702062 

Cq-Include-Trybots: master.tryserver.chromium.android:android_cronet_tester;master.tryserver.chromium.linux:linux_mojo;master.tryserver.chromium.mac:ios-simulator-cronet;master.tryserver.chromium.mac:ios-simulator-full-configs
Change-Id: Ic5145b6759d8843cb9134e7718e5834c7b5bb010
Reviewed-on: https://chromium-review.googlesource.com/1020160
Commit-Queue: Ryan Sleevi <rsleevi@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#557070}
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/chrome/browser/net/default_network_context_params.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/chromecast/browser/url_request_context_factory.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/components/cast_channel/cast_socket.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/components/certificate_transparency/BUILD.gn
[add] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/components/certificate_transparency/chrome_ct_policy_enforcer.cc
[add] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/components/certificate_transparency/chrome_ct_policy_enforcer.h
[rename] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/components/certificate_transparency/chrome_ct_policy_enforcer_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/components/cronet/url_request_context_config.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/content/browser/renderer_host/pepper/ssl_context_helper.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/content/shell/browser/shell_url_request_context_getter.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/google_apis/gcm/tools/mcs_probe.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/ios/components/io_thread/ios_io_thread.mm
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/ios/web/shell/shell_url_request_context_getter.mm
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/ios/web_view/internal/web_view_url_request_context_getter.mm
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/BUILD.gn
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/cert/ct_policy_enforcer.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/cert/ct_policy_enforcer.h
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/cert/ct_verify_result.h
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/cert/signed_certificate_timestamp.h
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/cert/x509_certificate_net_log_param.h
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/cert_net/cert_net_fetcher_impl_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/http/http_network_layer_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/http/http_network_transaction_ssl_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/http/http_proxy_client_socket_wrapper_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/http/http_response_body_drainer_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/http/http_stream_factory_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/proxy_resolution/pac_file_fetcher_impl_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/quic/chromium/crypto/proof_verifier_chromium.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/quic/chromium/crypto_test_utils_chromium.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/quic/chromium/quic_end_to_end_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/quic/chromium/quic_network_transaction_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/quic/chromium/quic_stream_factory_fuzzer.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/quic/chromium/quic_stream_factory_test.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/socket/ssl_client_socket_impl.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/socket/ssl_client_socket_pool_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/socket/ssl_server_socket_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/spdy/chromium/spdy_test_util_common.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/tools/quic/quic_client_bin.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/tools/quic/quic_simple_client_bin.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/url_request/url_request_context_builder.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/url_request/url_request_test_util.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/url_request/url_request_test_util.h
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/net/url_request/url_request_unittest.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/remoting/protocol/ssl_hmac_channel_authenticator.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/remoting/signaling/xmpp_signal_strategy.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/services/network/network_context.cc
[modify] https://crrev.com/8a9c9c1ec6866873e1dd24f6b269bcd7f2bc2664/services/network/public/mojom/network_service.mojom
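
A stand-alone C++ model of the enforcer split described in the commit message above, added here as an illustration and not taken from the Chromium source. The class names `CTPolicyEnforcer` and `DefaultCTPolicyEnforcer` follow the message; `UpdatableProductEnforcer`, the `Sct` struct, the age threshold, and the reduction of the policy to the "one Google, one non-Google" rule are assumptions of this example.

```cpp
#include <cstdint>
#include <string>
#include <vector>

// Simplified model; only the class names come from the commit message.
enum class CTCompliance {
  kCompliesViaScts,
  kNotEnoughScts,
  kNotDiverseScts,
  kBuildNotTimely,  // "out of date": no statement about CT is made
};

struct Sct {             // one already-validated SCT (hypothetical struct)
  std::string log_id;
  bool google_operated;  // assumed to come from the product's log list
};

// Pure virtual base: //net itself carries no policy and no log list.
class CTPolicyEnforcer {
 public:
  virtual ~CTPolicyEnforcer() = default;
  virtual CTCompliance CheckCompliance(const std::vector<Sct>& scts) const = 0;
};

// What a //net embedder gets unless it injects its own policy.
class DefaultCTPolicyEnforcer : public CTPolicyEnforcer {
 public:
  CTCompliance CheckCompliance(const std::vector<Sct>&) const override {
    return CTCompliance::kBuildNotTimely;
  }
};

// Hypothetical product-level enforcer for a client with a reliable updater.
// Only the "one Google, one non-Google log" rule is modelled here.
class UpdatableProductEnforcer : public CTPolicyEnforcer {
 public:
  UpdatableProductEnforcer(int64_t log_list_age_days, int64_t max_age_days)
      : age_days_(log_list_age_days), max_age_days_(max_age_days) {}
  CTCompliance CheckCompliance(const std::vector<Sct>& scts) const override {
    // A stale log list cannot support a verdict either way.
    if (age_days_ > max_age_days_) return CTCompliance::kBuildNotTimely;
    if (scts.size() < 2) return CTCompliance::kNotEnoughScts;
    bool google = false, non_google = false;
    for (const Sct& sct : scts) {
      if (sct.google_operated) google = true; else non_google = true;
    }
    return (google && non_google) ? CTCompliance::kCompliesViaScts
                                  : CTCompliance::kNotDiverseScts;
  }

 private:
  int64_t age_days_;
  int64_t max_age_days_;
};

// Socket-layer EV rule from the commit message: EV survives when the
// certificate is CT qualified or when the CT status is "out of date".
bool KeepsEvStatus(bool cert_is_ev, CTCompliance c) {
  return cert_is_ev && (c == CTCompliance::kCompliesViaScts ||
                        c == CTCompliance::kBuildNotTimely);
}

// Assumption of this model: a connection that requires CT fails only on an
// affirmative non-compliant verdict, so "out of date" disables enforcement.
bool FailsCtRequirement(bool ct_required, CTCompliance c) {
  return ct_required && (c == CTCompliance::kNotEnoughScts ||
                         c == CTCompliance::kNotDiverseScts);
}

int main() {
  const std::vector<Sct> two_google = {{"log-a", true}, {"log-b", true}};  // constructed
  DefaultCTPolicyEnforcer embedder;
  UpdatableProductEnforcer product(5, 70);  // constructed ages, in days
  // Same SCTs: the default enforcer stays silent, the product enforcer rejects.
  bool ok = !FailsCtRequirement(true, embedder.CheckCompliance(two_google)) &&
            FailsCtRequirement(true, product.CheckCompliance(two_google));
  return ok ? 0 : 1;
}
```

The same two SCTs yield no verdict under the default enforcer and a diversity failure under the product enforcer, which is the behavioural change for embedders that the message calls out.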

Comment 11 by bugdroid1@chromium.org, May 9 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/84d795bcd1775f4c89690dad60ad5c9838166ccf

commit 84d795bcd1775f4c89690dad60ad5c9838166ccf
Author: Ryan Sleevi <rsleevi@chromium.org>
Date: Wed May 09 07:06:00 2018

Refactor Certificate Transparency initialization for S13N

Chrome is currently experimenting with using DNS as part of
ensuring the Certificate Transparency logs provide globally
consistent views. When using the Network Service, certificate
verification is performed in the service/context, rather than
the browser context, meaning that the consistency proof
checking also needs to be moved into the Network Service.

However, Certificate Transparency support is also being moved
up into Chrome proper, rather than as part of //net, in order
to ensure the ecosystem does not prematurely ossify.

This CL moves the DNS portion from //chrome, and in particular,
the IOThread, into the Network Service, while moving
initialization of the logs up from //net and into //chrome, by
way of explicit parameters in the NetworkContextParams. If the
set of logs are not supplied, no CT support is initialized, and
if they are supplied, then log consistency checking is enabled if
the base::Feature is enabled.

Bug:  702062 ,  769401 ,  803871 ,  835849 

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: I8befb033255366d8431922e29e18879d3cf1b7dc
Reviewed-on: https://chromium-review.googlesource.com/1020304
Commit-Queue: Ryan Sleevi <rsleevi@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#557112}
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/browser/BUILD.gn
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/browser/component_updater/sth_set_component_installer.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/browser/component_updater/sth_set_component_installer.h
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/browser/component_updater/sth_set_component_installer_unittest.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/browser/io_thread.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/browser/io_thread.h
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/browser/io_thread_browsertest.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/browser/net/default_network_context_params.cc
[delete] https://crrev.com/5bc74f5fff976f92f3b9ff3a71c9d1d8ffc58802/chrome/browser/net/sth_distributor_provider.cc
[delete] https://crrev.com/5bc74f5fff976f92f3b9ff3a71c9d1d8ffc58802/chrome/browser/net/sth_distributor_provider.h
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/browser/profiles/profile_io_data.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/browser/profiles/profile_io_data.h
[delete] https://crrev.com/5bc74f5fff976f92f3b9ff3a71c9d1d8ffc58802/chrome/browser/ssl/certificate_transparency_browsertest.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/chrome/test/BUILD.gn
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/net/cert/signed_certificate_timestamp.h
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/BUILD.gn
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/network_context.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/network_context.h
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/network_context_cert_transparency_unittest.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/network_service.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/network_service.h
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/cpp/BUILD.gn
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/cpp/digitally_signed.typemap
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/cpp/digitally_signed_mojom_traits.cc
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/cpp/digitally_signed_mojom_traits.h
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/cpp/digitally_signed_mojom_traits_unittest.cc
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/cpp/signed_tree_head.typemap
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/cpp/signed_tree_head_mojom_traits.cc
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/cpp/signed_tree_head_mojom_traits.h
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/cpp/signed_tree_head_mojom_traits_unittest.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/cpp/typemaps.gni
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/mojom/BUILD.gn
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/mojom/ct_log_info.mojom
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/mojom/digitally_signed.mojom
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/mojom/network_service.mojom
[add] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/public/mojom/signed_tree_head.mojom
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/services/network/url_request_context_builder_mojo.cc
[modify] https://crrev.com/84d795bcd1775f4c89690dad60ad5c9838166ccf/testing/buildbot/filters/mojo.fyi.network_browser_tests.filter

Comment 12 by bugdroid1@chromium.org, May 11 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/24711fe395e8dc95043f46665dbdefc54963dea4

commit 24711fe395e8dc95043f46665dbdefc54963dea4
Author: Ryan Sleevi <rsleevi@chromium.org>
Date: Fri May 11 20:07:34 2018

Move the CTLogList out of //net

The hardcoded list of CT logs is only safe for clients that support
regular updates and the capability of rapid updates, such as Google
Chrome. Hardcoding a list of logs in products that are not regularly
updated runs the risk of ossifying or fragmenting the CT ecosystem.

To avoid accidental misuse, move from //net into
//components/certificate_transparency, moving it further away from
the notion as a "base service" and more into "an optional component
with caveats".

BUG= 702062 

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo;master.tryserver.chromium.mac:ios-simulator-cronet;master.tryserver.chromium.mac:ios-simulator-full-configs
Change-Id: I6be05436a916779bd5c8fcf7fe93b120bda47828
Reviewed-on: https://chromium-review.googlesource.com/1052073
Commit-Queue: Ryan Sleevi <rsleevi@chromium.org>
Reviewed-by: Eran Messeri <eranm@chromium.org>
Reviewed-by: Ryan Hamilton <rch@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#557993}
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/chrome/browser/io_thread.cc
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/chrome/browser/io_thread.h
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/chrome/browser/net/default_network_context_params.cc
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/chromecast/browser/url_request_context_factory.cc
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/components/certificate_transparency/BUILD.gn
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/components/certificate_transparency/chrome_ct_policy_enforcer.cc
[rename] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/components/certificate_transparency/ct_known_logs.cc
[rename] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/components/certificate_transparency/ct_known_logs.h
[rename] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/components/certificate_transparency/ct_known_logs_unittest.cc
[rename] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/components/certificate_transparency/data/BUILD.gn
[rename] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/components/certificate_transparency/data/log_list.json
[rename] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/components/certificate_transparency/tools/PRESUBMIT.py
[rename] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/components/certificate_transparency/tools/make_ct_known_logs_list.py
[rename] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/components/certificate_transparency/tools/make_ct_known_logs_list_unittest.py
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/content/shell/browser/shell_url_request_context_getter.cc
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/ios/components/io_thread/ios_io_thread.mm
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/net/BUILD.gn
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/net/third_party/quic/tools/quic_client_bin.cc
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/net/tools/quic/quic_simple_client_bin.cc
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/net/url_request/url_request_context_builder.cc
[modify] https://crrev.com/24711fe395e8dc95043f46665dbdefc54963dea4/services/network/network_context_cert_transparency_unittest.cc

Labels: M-68
Status: Verified (was: Assigned)