Closed
Bug 1255120
Opened 9 years ago
Closed 7 years ago
add telemetry to measure client certificate usage
Categories
(Core :: Security: PSM, defect, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla62
Tracking | Status | |
---|---|---|
firefox62 | --- | fixed |
People
(Reporter: keeler, Assigned: keeler)
References
Details
(Whiteboard: [psm-assigned])
Attachments
(2 files)
Currently we don't know how often Firefox users use client certificates to authenticate to websites. We should add some telemetry that will give us an idea.
Assignee | ||
Updated•9 years ago
|
Whiteboard: [psm-backlog]
Updated•8 years ago
|
Blocks: TelemetryAdditions
Assignee | ||
Updated•7 years ago
|
Priority: -- → P2
Comment hidden (mozreview-request) |
Assignee | ||
Updated•7 years ago
|
Assignee: nobody → dkeeler
Priority: P2 → P1
Whiteboard: [psm-backlog] → [psm-assigned]
Comment 4•7 years ago
|
||
mozreview-review |
Comment on attachment 8973044 [details]
bug 1255120 - add telemetry for client certificate use
https://reviewboard.mozilla.org/r/241584/#review247402
This patch is fine.
I'd love to also have knowledge of how many PKCS11 modules there are out there, but that's mostly a different thing, except where the PKCS11 module exists to deliver client certs like the old nCipher Trust-dohicky I used to use early in my career.
So, seems like this is all we could do for 'client certs'.
Attachment #8973044 -
Flags: review?(jjones) → review+
Assignee | ||
Comment 5•7 years ago
|
||
Thanks! We do have security.pkcs11_modules_loaded (although telemetry.mozilla.org is saying there isn't any data for any scalars at the moment...)
Assignee | ||
Comment 6•7 years ago
|
||
Attachment #8973071 -
Flags: review?(francois)
Comment 7•7 years ago
|
||
Comment on attachment 8973071 [details]
data-review-request.txt
1) Is there or will there be **documentation** that describes the schema for the ultimate data set available publicly, complete and accurate?
Yes, in Scalars.yaml.
2) Is there a control mechanism that allows the user to turn the data collection on and off?
Yes, telemetry setting.
3) If the request is for permanent data collection, is there someone who will monitor the data over time?**
Not permanent.
4) Using the **[category system of data types](https://wiki.mozilla.org/Firefox/Data_Collection)** on the Mozilla wiki, what collection type of data do the requested measurements fall under? **
Category 1 or 2.
5) Is the data collection request for default-on or default-off?
Default on, all channels.
6) Does the instrumentation include the addition of **any *new* identifiers** (whether anonymous or otherwise; e.g., username, random IDs, etc. See the appendix for more details)?
No.
7) Is the data collection covered by the existing Firefox privacy notice?
Yes.
8) Does there need to be a check-in in the future to determine whether to renew the data?
No, telemetry alerts are fine.
Attachment #8973071 -
Flags: review?(francois) → review+
Comment hidden (mozreview-request) |
Assignee | ||
Comment 9•7 years ago
|
||
Thanks for the reviews! If I'm reading the calendar correctly (and if it doesn't change), I think 66 gives us 6 months (we'll probably ask to renew it anyway, since we won't get any ESR data in that time...)
Comment 10•7 years ago
|
||
Renewing is not a problem (and doesn't require another data review, just a quick r+ on the version bump). We much prefer that to permanent probes!
Comment 11•7 years ago
|
||
Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/69c1887daefd
add telemetry for client certificate use r=jcj
Comment 12•7 years ago
|
||
bugherder |
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox62:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla62
Updated•6 years ago
|
status-firefox48:
affected → ---
You need to log in
before you can comment on or make changes to this bug.
Description
•