tree: d094a65ea43590ef0ffa28cf63200630573cc2cd [path history] [tgz]
  1. data/
  2. tools/
  3. BUILD.gn
  4. certificate_transparency.proto
  5. certificate_transparency_config.proto
  6. chrome_ct_policy_enforcer.cc
  7. chrome_ct_policy_enforcer.h
  8. chrome_ct_policy_enforcer_unittest.cc
  9. chrome_require_ct_delegate.cc
  10. chrome_require_ct_delegate.h
  11. chrome_require_ct_delegate_unittest.cc
  12. ct_known_logs.cc
  13. ct_known_logs.h
  14. ct_known_logs_unittest.cc
  15. ct_timestamp.proto
  16. DEPS
  17. DIR_METADATA
  18. OWNERS
  19. pref_names.cc
  20. pref_names.h
  21. README.md
components/certificate_transparency/README.md

Certificate Transparency (CT)

This directory contains the implementation of the CT log list and Chrome's CT policy enforcement.

The policy enforcement implementation here builds on the interfaces defined in net::TransportSecurityState::RequireCTDelegate and net::CTPolicyEnforcer to implement Chrome's CT policy. See ChromeRequireCTDelegate and ChromeCTPolicyEnforcer for implementation details, respectively.

The log list format is defined in certificate_transparency.proto, and Chrome’s CT configuration format is defined in certificate_transparency_config.proto. A built-in log list is included in data/log_list.json; updates to the log list are delivered via component updater (via the “PKI Metadata” component) and take precedence over this built-in log list when available. The built-in copy of the log list is updated via automated commits. The built-in log list is compiled into a C++ source file by the script in tools/make_ct_known_logs_list.py, via the action defined in data/BUILD.gn.

This component also contains various pref and feature definitions, and the C++ APIs used to interact with the log list.

For more information about Certificate Transparency, see https://certificate.transparency.dev/. For more information about Chrome's Certificate Transparency policies, see https://goo.gl/chrome/ct-policy and https://goo.gl/chrome/ct-log-policy.