This PR (HEAD: 3845283) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/go/+/166219 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off)
See the Wiki page for more info

This PR (HEAD: 421d7cc) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/go/+/166219 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off)
See the Wiki page for more info

Message from Gobot Gobot:

Patch Set 1:

Congratulations on opening your first change. Thank you for your contribution!

Next steps:
Within the next week or so, a maintainer will review your change and provide
feedback. See https://golang.org/doc/contribute.html#review for more info and
tips to get your patch through code review.

Most changes in the Go project go through a few rounds of revision. This can be
surprising to people new to the project. The careful, iterative review process
is our way of helping mentor contributors and ensuring that their contributions
have a lasting impact.

During May-July and Nov-Jan the Go project is in a code freeze, during which
little code gets reviewed or merged. If a reviewer responds with a comment like
R=go1.11, it means that this CL will be reviewed as part of the next development
cycle. See https://golang.org/s/release for more details.

Please don’t reply on this GitHub thread. Visit golang.org/cl/166219.
After addressing review feedback, remember to publish your drafts!

Message from Emmanuel Odeke:

Patch Set 2:

(1 comment)

Thank you for this change Penglei and welcome to the Go project!

I have added some suggestions to augment your commit message.
Please submit a test along with this change as the change deals
with critical code and moreover for verifying intermediate CA certificates.

Please don’t reply on this GitHub thread. Visit golang.org/cl/166219.
After addressing review feedback, remember to publish your drafts!

Message from penglei:

Patch Set 2:

Patch Set 2:

(1 comment)

Thank you for this change Penglei and welcome to the Go project!

I have added some suggestions to augment your commit message.
Please submit a test along with this change as the change deals
with critical code and moreover for verifying intermediate CA certificates.

OK，I will follow up on this matter in the near future.

Please don’t reply on this GitHub thread. Visit golang.org/cl/166219.
After addressing review feedback, remember to publish your drafts!

Message from Filippo Valsorda:

Patch Set 2:

I implemented a more conservative fix at https://go-review.googlesource.com/c/go/+/178539, could you test that? Thank you!

Please don’t reply on this GitHub thread. Visit golang.org/cl/166219.
After addressing review feedback, remember to publish your drafts!

Message from penglei:

Patch Set 2:

Patch Set 2:

I implemented a more conservative fix at https://go-review.googlesource.com/c/go/+/178539, could you test that? Thank you!

I tested it. It works very well. I think this PR should be closed.

Please don’t reply on this GitHub thread. Visit golang.org/cl/166219.
After addressing review feedback, remember to publish your drafts!

This PR is being closed because golang.org/cl/166219 has been abandoned.

Superseded by https://go-review.googlesource.com/c/go/+/178539