Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(138)

Issue 7312070: code review 7312070: crypto/x509: all MS/NS SCG key usage as ServerAuth. (Closed)

Can't Edit
Can't Publish+Mail
Start Review
Created:
9 years, 7 months ago by agl1
Modified:
9 years, 7 months ago
Reviewers:
CC:
rsc, golang-dev
Visibility:
Public.

Description

crypto/x509: allow MS/NS SCG key usage as ServerAuth. By default, crypto/x509 assumes that users wish to validate certificates for ServerAuth. However, due to historical reasons, COMODO's intermediates don't specify ServerAuth as an allowed key usage. Rather NSS and CryptoAPI both allow these SGC OIDs to be equivalent to ServerAuth.

Patch Set 1 #

Patch Set 2 : diff -r 3c9d355fba18 https://go.googlecode.com/hg/ #

Patch Set 3 : diff -r 3c9d355fba18 https://go.googlecode.com/hg/ #

Patch Set 4 : diff -r 3c9d355fba18 https://go.googlecode.com/hg/ #

Patch Set 5 : diff -r 3c9d355fba18 https://go.googlecode.com/hg/ #

Patch Set 6 : diff -r 3c9d355fba18 https://go.googlecode.com/hg/ #

Unified diffs Side-by-side diffs Delta from patch set Stats (+121 lines, -10 lines) Patch
M src/pkg/crypto/x509/verify.go View 1 2 1 chunk +8 lines, -0 lines 0 comments Download
M src/pkg/crypto/x509/verify_test.go View 1 2 chunks +97 lines, -0 lines 0 comments Download
M src/pkg/crypto/x509/x509.go View 1 3 chunks +16 lines, -10 lines 0 comments Download

Messages

Total messages: 3
agl1
Hello golang-dev@googlegroups.com (cc: golang-dev@googlegroups.com), I'd like you to review this change to https://go.googlecode.com/hg/
9 years, 7 months ago (2013-02-09 17:44:36 UTC) #1
rsc
LGTM First line of CL desc: s/all/allow/
9 years, 7 months ago (2013-02-09 18:03:37 UTC) #2
agl1
9 years, 7 months ago (2013-02-09 18:21:07 UTC) #3
*** Submitted as https://code.google.com/p/go/source/detail?r=12a2a5f062e5 ***

crypto/x509: allow MS/NS SCG key usage as ServerAuth.

By default, crypto/x509 assumes that users wish to validate
certificates for ServerAuth. However, due to historical reasons,
COMODO's intermediates don't specify ServerAuth as an allowed key
usage.

Rather NSS and CryptoAPI both allow these SGC OIDs to be equivalent to
ServerAuth.

R=rsc
CC=golang-dev
https://codereview.appspot.com/7312070
Sign in to reply to this message.

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b