Issue 7312070: code review 7312070: crypto/x509: all MS/NS SCG key usage as ServerAuth.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Issue 7312070: code review 7312070: crypto/x509: all MS/NS SCG key usage as ServerAuth. (Closed)

Can't Edit
Can't Publish+Mail
Start Review

Created:
11 years, 2 months ago by agl1

Modified:
11 years, 2 months ago

Reviewers:

CC:
rsc, golang-dev

Visibility:
Public.

Description

crypto/x509: allow MS/NS SCG key usage as ServerAuth. By default, crypto/x509 assumes that users wish to validate certificates for ServerAuth. However, due to historical reasons, COMODO's intermediates don't specify ServerAuth as an allowed key usage. Rather NSS and CryptoAPI both allow these SGC OIDs to be equivalent to ServerAuth.

Patch Set 1 #

Patch Set 2 : diff -r 3c9d355fba18 https://go.googlecode.com/hg/ #

Patch Set 3 : diff -r 3c9d355fba18 https://go.googlecode.com/hg/ #

Patch Set 4 : diff -r 3c9d355fba18 https://go.googlecode.com/hg/ #

Patch Set 5 : diff -r 3c9d355fba18 https://go.googlecode.com/hg/ #

Patch Set 6 : diff -r 3c9d355fba18 https://go.googlecode.com/hg/ #

Created: 11 years, 2 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+121 lines, -10 lines)			Patch
M	src/pkg/crypto/x509/verify.go	View	1 2	1 chunk	+8 lines, -0 lines	0 comments	Download
M	src/pkg/crypto/x509/verify_test.go	View	1	2 chunks	+97 lines, -0 lines	0 comments	Download
M	src/pkg/crypto/x509/x509.go	View	1	3 chunks	+16 lines, -10 lines	0 comments	Download

Messages

Total messages: 3

Expand All Messages | Collapse All Messages

agl1

Hello golang-dev@googlegroups.com (cc: golang-dev@googlegroups.com), I'd like you to review this change to https://go.googlecode.com/hg/

11 years, 2 months ago (2013-02-09 17:44:36 UTC) #1

agl1

11 years, 2 months ago (2013-02-09 18:21:07 UTC) #3

*** Submitted as https://code.google.com/p/go/source/detail?r=12a2a5f062e5 ***

crypto/x509: allow MS/NS SCG key usage as ServerAuth.

By default, crypto/x509 assumes that users wish to validate
certificates for ServerAuth. However, due to historical reasons,
COMODO's intermediates don't specify ServerAuth as an allowed key
usage.

Rather NSS and CryptoAPI both allow these SGC OIDs to be equivalent to
ServerAuth.

R=rsc
CC=golang-dev
https://codereview.appspot.com/7312070

Expand All Messages | Collapse All Messages