Closed Bug 1255120 Opened 9 years ago Closed 7 years ago

add telemetry to measure client certificate usage

Categories

(Core :: Security: PSM, defect, P1)

Product:
Core
Component:
Security: PSM
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla62
Tracking Flags:
Tracking Status
firefox62 --- fixed

People

(Reporter: keeler, Assigned: keeler)

References

Details

(Whiteboard: [psm-assigned])

Attachments

(2 files)

bug 1255120 - add telemetry for client certificate use
59 bytes, text/x-review-board-request
jcj
: review+
Details
data-review-request.txt
2.90 KB, text/plain
francois
: review+
Details
Currently we don't know how often Firefox users use client certificates to authenticate to websites. We should add some telemetry that will give us an idea.
Whiteboard: [psm-backlog]
Priority: -- → P2
Assignee: nobody → dkeeler
Priority: P2 → P1
Whiteboard: [psm-backlog] → [psm-assigned]
Comment on attachment 8973044 [details] bug 1255120 - add telemetry for client certificate use https://reviewboard.mozilla.org/r/241584/#review247402 This patch is fine. I'd love to also have knowledge of how many PKCS11 modules there are out there, but that's mostly a different thing, except where the PKCS11 module exists to deliver client certs like the old nCipher Trust-dohicky I used to use early in my career. So, seems like this is all we could do for 'client certs'.
Attachment #8973044 - Flags: review?(jjones) → review+
Thanks! We do have security.pkcs11_modules_loaded (although telemetry.mozilla.org is saying there isn't any data for any scalars at the moment...)
Attachment #8973071 - Flags: review?(francois)
Comment on attachment 8973071 [details] data-review-request.txt 1) Is there or will there be **documentation** that describes the schema for the ultimate data set available publicly, complete and accurate? Yes, in Scalars.yaml. 2) Is there a control mechanism that allows the user to turn the data collection on and off? Yes, telemetry setting. 3) If the request is for permanent data collection, is there someone who will monitor the data over time?** Not permanent. 4) Using the **[category system of data types](https://wiki.mozilla.org/Firefox/Data_Collection)** on the Mozilla wiki, what collection type of data do the requested measurements fall under? ** Category 1 or 2. 5) Is the data collection request for default-on or default-off? Default on, all channels. 6) Does the instrumentation include the addition of **any *new* identifiers** (whether anonymous or otherwise; e.g., username, random IDs, etc. See the appendix for more details)? No. 7) Is the data collection covered by the existing Firefox privacy notice? Yes. 8) Does there need to be a check-in in the future to determine whether to renew the data? No, telemetry alerts are fine.
Attachment #8973071 - Flags: review?(francois) → review+
Thanks for the reviews! If I'm reading the calendar correctly (and if it doesn't change), I think 66 gives us 6 months (we'll probably ask to renew it anyway, since we won't get any ESR data in that time...)
Renewing is not a problem (and doesn't require another data review, just a quick r+ on the version bump). We much prefer that to permanent probes!
Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/69c1887daefd add telemetry for client certificate use r=jcj
https://hg.mozilla.org/mozilla-central/rev/69c1887daefd
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox62: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla62
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: