Closed Bug 1035942 Opened 5 years ago Closed 5 years ago

Determine whether we should consider the end-entity Common Name as a dNSName in CheckNameConstraints instead of BuildCertChain

Categories

(Core :: Security: PSM, defect)

defect
Not set

Tracking

()

RESOLVED FIXED
mozilla33

People

(Reporter: briansmith, Assigned: briansmith)

References

Details

Attachments

(1 file)

Camilo, you suggested this change previously when we were in a time crunch. This change helps with the testing of name constraints in mozilla::pkix so we should do it now.
Attachment #8452436 - Flags: review?(cviecco)
Comment on attachment 8452436 [details] [diff] [review]
Common-Name-more-like-dNSName-amirite.patch

Review of attachment 8452436 [details] [diff] [review]:
-----------------------------------------------------------------

I would rename this as 'make endEntityOrCA part of the backcert' because that is the main change of this.
Attachment #8452436 - Flags: review?(cviecco) → review+
Assuming keeler is OK with it, let's land cviecco's patch and then land this on top of cviecco's patch.
No longer blocks: 1030204
Depends on: 1030204
https://hg.mozilla.org/mozilla-central/rev/3a4d57c7ffdf
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.