Issue 768591 link

Starred by 2 users

Issue metadata

Status:	Available
Owner:	----
Cc:	sergeyu@chromium.org rsleevi@chromium.org
Components:	Internals>Network>Certificate Internals>PlatformIntegration
EstimatedDays:	----
NextAction:	----
OS:	Fuchsia
Pri:	3
Type:	Bug

Fuchsia: Integrate with the system certificate verification API

Project Member Reported by sergeyu@chromium.org, Sep 25 2017

Issue description

On Fuchsia chrome loads root certificates from /system/data/boringssl/cert.pem (see https://chromium-review.googlesource.com/c/chromium/src/+/644826 ). Will need to migrate to the Fuchsia's certificate verification API once it's implemented in netstack (see https://fuchsia.atlassian.net/browse/NET-105 ).

Comment 1 by w...@chromium.org, May 21 2018

Cc: sergeyu@chromium.org

sergeyu: Is this still valid / planned? We use the Chromium certificate verification logic, pulling in the Fuchsia root-certificate-store file as a package dependency. Do we need/want to switch the actual verifier?

Comment 2 by sergeyu@chromium.org, May 21 2018

Cc: rsleevi@chromium.org

I think this bug is still valid. Currently we use custom cert verifier with the system-provided root cert store. It would be better to either bundle root certs with chrome or use a system cert verification API.
+rsleevi@

Comment 3 by rsleevi@chromium.org, May 21 2018

Yup, Chrome side is actively working on that (the bundling roots in Chrome side)

►

Issue 768591 link

Issue metadata

Fuchsia: Integrate with the system certificate verification API

Issue description

Comment 1 by w...@chromium.org, May 21 2018

Comment 1 Deleted

Comment 2 by sergeyu@chromium.org, May 21 2018

Comment 2 Deleted

Comment 3 by rsleevi@chromium.org, May 21 2018

Comment 3 Deleted

Sign in to add a comment