OneCRL

OneCRL

[9] Revoking Intermediate Certificates: Introducing OneCRL | Mozilla Security Blog (2015-03-21 15:31:36 +09:00 版) <https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/>

[6] CA:ImprovingRevocation - MozillaWiki (2015-03-21 11:05:17 +09:00 版) <https://wiki.mozilla.org/CA:ImprovingRevocation>

[8] CA:RevocationPlan - MozillaWiki (2015-03-21 11:08:04 +09:00 版) <https://wiki.mozilla.org/CA:RevocationPlan>

[15] Firefox 37 Feature to Improve SSL/TLS Certificate Security (2015-04-02 12:31:42 +09:00 版) <http://www.eweek.com/security/firefox-37-feature-to-improve-ssltls-certificate-security.html>

[1] 1024809 – (OneCRL) Add Revoked Intermediate Certs to revocation list push mechanism ( (2016-05-09 22:30:30 +09:00)) <https://bugzilla.mozilla.org/show_bug.cgi?id=1024809>

[2] gecko-dev/NSSCertDBTrustDomain.cpp at master · mozilla/gecko-dev ( (2016-05-31 12:33:46 +09:00)) <https://github.com/mozilla/gecko-dev/blob/master/security/certverifier/NSSCertDBTrustDomain.cpp>

[3] gecko-dev/nsICertBlocklist.idl at master · mozilla/gecko-dev ( (2016-05-31 12:36:10 +09:00)) <https://github.com/mozilla/gecko-dev/blob/master/security/manager/ssl/nsICertBlocklist.idl>

[4] gecko-dev/CertBlocklist.cpp at master · mozilla/gecko-dev ( (2016-05-31 12:37:13 +09:00)) <https://github.com/mozilla/gecko-dev/blob/master/security/manager/ssl/CertBlocklist.cpp>

[5] >>4 Firefox のプロファイルのディレクトリーに revocations.txt があります。現時点で7.31KBのファイルです。 2016-05-31T03:43:47.600Z

[7] Firefox のプロファイルのディレクトリーに blocklist.xml があります。 revocations.txt はそのうちの certItems 要素の内容から生成されているようです。

[10] gecko-dev/test_cert_blocklist.js at master · mozilla/gecko-dev ( (2016-05-31 12:50:38 +09:00)) <https://github.com/mozilla/gecko-dev/blob/master/security/manager/ssl/tests/unit/test_cert_blocklist.js>

[11] Collecting info about previously-revoked intermediate certs - Google グループ ( (2016-05-31 17:21:12 +09:00)) <https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/VWEzxILcL28>

[12] 1435609 - Stop sending cert blocklist items as part of blocklist.xml / kinto-blocklist / etc. (2018-02-21 10:52:04 +09:00) <https://bugzilla.mozilla.org/show_bug.cgi?id=1435609>

[13] 1359428 - Remove preference to select OneCRL update mechanism (2018-02-21 10:58:25 +09:00) <https://bugzilla.mozilla.org/show_bug.cgi?id=1359428>

[14] 1224467 - Add a preference to select OneCRL update mechanism (2018-02-21 10:59:51 +09:00) <https://bugzilla.mozilla.org/show_bug.cgi?id=1224467>

OneCRL