Still hoping to hear from Mozilla to see if the draft policies are sufficient for them, but I think we can draft a CL already.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/971e3a91b29cbad4b3ed85b513c1f3b1b2e1980a

commit 971e3a91b29cbad4b3ed85b513c1f3b1b2e1980a
Author: Martijn Croonen <martijnc@chromium.org>
Date: Fri Nov 10 09:04:45 2017

Whitelist policy field for preloaded HSTS entries.

Bug:  778047 
Cq-Include-Trybots: master.tryserver.chromium.android:android_cronet_tester;master.tryserver.chromium.mac:ios-simulator-cronet
Change-Id: Ib879c1e7dfd9f664ed733dcc51a1f80e24fdc806
Reviewed-on: https://chromium-review.googlesource.com/751664
Reviewed-by: Ryan Sleevi <rsleevi@chromium.org>
Commit-Queue: Martijn Croonen <martijnc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#515514}
[modify] https://crrev.com/971e3a91b29cbad4b3ed85b513c1f3b1b2e1980a/net/tools/transport_security_state_generator/input_file_parsers.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4bf96c30121ed23f8025e0a2ee6c68831fd0786f

commit 4bf96c30121ed23f8025e0a2ee6c68831fd0786f
Author: Martijn Croonen <martijnc@chromium.org>
Date: Thu Nov 16 00:15:13 2017

Assign policies to preloaded HSTS entries

Bug:  778047 
Cq-Include-Trybots: master.tryserver.chromium.android:android_cronet_tester;master.tryserver.chromium.mac:ios-simulator-cronet
Change-Id: Id9a36cfe9b9302be536d4d620ed92cc31f244e32
Reviewed-on: https://chromium-review.googlesource.com/757596
Commit-Queue: Lucas Garron <lgarron@chromium.org>
Reviewed-by: Lucas Garron <lgarron@chromium.org>
Cr-Commit-Position: refs/heads/master@{#516911}
[modify] https://crrev.com/4bf96c30121ed23f8025e0a2ee6c68831fd0786f/net/http/transport_security_state_static.json

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/973d1f19258ad93be1e0a317f542f1cc4290ba56

commit 973d1f19258ad93be1e0a317f542f1cc4290ba56
Author: Martijn Croonen <martijnc@chromium.org>
Date: Fri Nov 24 16:51:04 2017

Require and validate the new policy field for preloaded HSTS entries.

This change makes the "policy" field required for all preloaded entries
and validates its content.

The actual value isn't used by the generator and does not become part
of the binary output. The policy field will be used for list
maintenance (an auto-roller and automated pruning).

Bug:  778047 
Change-Id: I485a55e17e0d3aa4f97f8605cceeeef9ba355ed4
Reviewed-on: https://chromium-review.googlesource.com/782724
Reviewed-by: Ryan Sleevi <rsleevi@chromium.org>
Commit-Queue: Martijn Croonen <martijnc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#519135}
[modify] https://crrev.com/973d1f19258ad93be1e0a317f542f1cc4290ba56/net/http/transport_security_state_static.json
[modify] https://crrev.com/973d1f19258ad93be1e0a317f542f1cc4290ba56/net/http/transport_security_state_static_unittest1.json
[modify] https://crrev.com/973d1f19258ad93be1e0a317f542f1cc4290ba56/net/http/transport_security_state_static_unittest2.json
[modify] https://crrev.com/973d1f19258ad93be1e0a317f542f1cc4290ba56/net/http/transport_security_state_static_unittest3.json
[modify] https://crrev.com/973d1f19258ad93be1e0a317f542f1cc4290ba56/net/http/transport_security_state_static_unittest_default.json
[modify] https://crrev.com/973d1f19258ad93be1e0a317f542f1cc4290ba56/net/tools/transport_security_state_generator/input_file_parsers.cc
[modify] https://crrev.com/973d1f19258ad93be1e0a317f542f1cc4290ba56/net/tools/transport_security_state_generator/input_file_parsers_unittest.cc