Closed Bug 1266571 Opened 8 years ago Closed 8 years ago

Add telemetry to measure incidence of non-TLS use of HTTP AUTH

Categories: Core :: General, defect
Severity / priority: defect, Not set, normal
Tracking: RESOLVED FIXED, target milestone mozilla49
Tracking Status: firefox49 --- fixed
People: Reporter: abr, Assigned: abr
Attachments: 1 file, 3 obsolete files

The idea has been floated that we may wish to start taking some action
regarding the use of HTTP auth -- and basic auth in particular -- over
non-TLS connections. Options discussed so far include alerting the user
of the nature of the connection, and blocking basic auth over unencrypted
connections altogether.

This measurement is intended to collect data around the incidence of
the use of basic auth (versus digest and ntlm auth) and its relative
frequency over secure versus insecure connections. This measurement is
intended to inform the conversation around how we treat unencrypted
http auth in the future.
Attachment #8744067 - Flags: review?(mcmanus)
Attachment #8744067 - Flags: feedback?(benjamin)
And, for Ben's benefit:

> What are the questions that these probes are designed to address? Is this the minimum amount of data necessary to answer those questions?

See comment 0.

> Who is responsible for monitoring the data? How often will they do it? Do the necessary monitoring dashboards already exist or who is going to create them?

Richard Barnes will monitor the data, using the existing telemetry dashboard.


> What's the user value?

Ultimately, this data will let us make informed decisions that may make users more secure. It may also prevent us from making decisions that will inconvenience large quantities of users.
Comment on attachment 8744067 [details] [diff] [review]
Add telemetry to measure digest auth over non-TLS

Review of attachment 8744067 [details] [diff] [review]:
-----------------------------------------------------------------

This is more in honza's wheelhouse, so I'm going to have him do the review, but I've got a few thoughts:

1] I expect you'll find digest is basically unused
2] ntlm negotiation is often only present on the first mumble-N transactions for a connection so comparing the raw numbers of ntlm vs other won't be especially helpful (but http vs https for it would be)
3] I'm not sure if negotiate is lumped in with ntlm here or not

4] while data is cool, I'm probably not ok with breaking legacy use cases. My general pov is the legacy web is allowed to creep along; let's put all the new web in https only. Basic Auth is legacy web.
Attachment #8744067 - Flags: review?(mcmanus) → review?(honzab.moz)
Comment on attachment 8744067 [details] [diff] [review]
Add telemetry to measure digest auth over non-TLS

I doubt that "never" is a good choice here. Please make this expire in 6 months. But I'd also encourage you to go ahead and measure on the release population for 6 months: we know that usage varies widely from beta to release, especially across enterprise and in more varied countries/languages.

Please also specify the metric in the form of a statement: "Recorded once for each HTTP 401 response. The value records the type of authentication and the TLS-enabled status. 0=basic/clear [etc...]"

And that bug# isn't right. Did you mean to use 1266571 instead of 38437?
Attachment #8744067 - Flags: feedback?(benjamin) → feedback-
Attachment #8744067 - Attachment is obsolete: true
Attachment #8744067 - Flags: review?(honzab.moz)
Comment on attachment 8745453 [details] [diff] [review]
Add telemetry to measure incidence of non-TLS use of HTTP AUTH

Addressed Ben's feedback. (FWIW, the previous bug number was a placeholder, inserted because my workflow involves using "hg bzexport" to create a bug from a patch, and I didn't have the bug number ahead of time).
Attachment #8745453 - Flags: review?(honzab.moz)
Attachment #8745453 - Flags: feedback?(benjamin)
Comment on attachment 8745453 [details] [diff] [review]
Add telemetry to measure incidence of non-TLS use of HTTP AUTH

data-review=me
Attachment #8745453 - Flags: feedback?(benjamin) → feedback+
Comment on attachment 8745453 [details] [diff] [review]
Add telemetry to measure incidence of non-TLS use of HTTP AUTH

Review of attachment 8745453 [details] [diff] [review]:
-----------------------------------------------------------------

Should we also recognize local networks from internet?

::: netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
@@ +773,5 @@
>  
> +            // Collect statistics on how frequently the various types of HTTP
> +            // authentication are used over SSL and non-SSL connections.
> +            if (gHttpHandler->IsTelemetryEnabled()) {
> +              if (!PL_strcasecmp(authType, "basic")) {
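Review bot: the `!` in `if (!PL_strcasecmp(authType, "basic"))` is only correct because PL_strcasecmp returns 0 on a match; if this is switched to the suggested `NS_LITERAL_CSTRING("basic").LowerCaseEqualsASCII(authType)`, which returns a bool, the `!` has to go with it or the branches invert. The comment above the block should also say when exactly one accumulation happens (one challenge processed on this path) so the histogram description can state it precisely.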

please use NS_LITERAL_CSTRING("basic").LowerCaseEqualsASCII(authType)

@@ +779,5 @@
> +                  UsingSSL() ? HTTP_AUTH_BASIC_SECURE : HTTP_AUTH_BASIC_INSECURE);
> +              } else if (!PL_strcasecmp(authType, "digest")) {
> +                Telemetry::Accumulate(Telemetry::HTTP_AUTH_TYPE_STATS,
> +                  UsingSSL() ? HTTP_AUTH_DIGEST_SECURE : HTTP_AUTH_DIGEST_INSECURE);
> +              } else if (!PL_strcasecmp(authType, "ntlm")) {
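Review bot: the else-if chain ending at `} else if (!PL_strcasecmp(authType, "ntlm")) {` has no terminal else, so any scheme outside basic/digest/ntlm (Negotiate among them) is not counted at all, which leaves the per-scheme shares without a complete denominator; add a final `else` that accumulates into a catch-all pair of buckets (secure/insecure) so every challenge that reaches this code is recorded somewhere.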

and what about Negotiate?
Attachment #8745453 - Flags: review?(honzab.moz) → feedback-
Attachment #8745453 - Attachment is obsolete: true
Comment on attachment 8746715 [details] [diff] [review]
Add telemetry to measure incidence of non-TLS use of HTTP AUTH

(In reply to Honza Bambas (:mayhemer) from comment #8) 
> Should we also recognize local networks from internet?

That's not part of what Richard has expressed interest in measuring, and it would require a substantially larger patch to accomplish. I'd like to go ahead and get this lightweight measurement in place rather than expanding scope at this time.
Attachment #8746715 - Flags: review?(honzab.moz)
Comment on attachment 8746715 [details] [diff] [review]
Add telemetry to measure incidence of non-TLS use of HTTP AUTH

Review of attachment 8746715 [details] [diff] [review]:
-----------------------------------------------------------------

So, if you don't care about local nets (which I think you should anyway, but whatever you wish) you may at least want to recognize or better simply ignore proxy authentication that is usually going to be local only anyway and should not interfere with end-server authentication probes.

Up to you, tho.

::: netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
@@ +775,5 @@
>  
> +            // Collect statistics on how frequently the various types of HTTP
> +            // authentication are used over SSL and non-SSL connections.
> +            if (gHttpHandler->IsTelemetryEnabled()) {
> +              if (!NS_LITERAL_CSTRING("basic").LowerCaseEqualsASCII(authType)) {
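Review bot: `if (!NS_LITERAL_CSTRING("basic").LowerCaseEqualsASCII(authType))` is inverted: LowerCaseEqualsASCII returns true on a match, unlike PL_strcasecmp which returned 0, so as written Basic challenges fall through to the later branches and every non-Basic challenge is recorded as Basic. Drop the `!`, and check the digest and ntlm comparisons below this hunk for the same carried-over negation.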

remove the !
Attachment #8746715 - Flags: review?(honzab.moz) → review+
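The review above turns on two details of the probe: the comparison must be a plain boolean test (no `!` once `LowerCaseEqualsASCII` is used), and the else-if chain should not silently drop schemes it does not name. The following is an added example, not code from the Gecko patch or from Mozilla: it models the classification step of the probe in stand-alone C++ so the logic can be checked against constructed challenge headers. The bucket names echo the patch's `HTTP_AUTH_*_SECURE` / `HTTP_AUTH_*_INSECURE` enumerators, but their numeric values, the Negotiate and catch-all buckets, the proxy-challenge skip (following the reviewer's suggestion), the `schemeOf` parser and the `Histogram` stand-in for `Telemetry::Accumulate` are all assumptions of this example, and the sample challenges are constructed, not real telemetry data.

```cpp
#include <cctype>
#include <iostream>
#include <map>
#include <string>
#include <vector>

// Histogram buckets. Names follow the patch; the values, the Negotiate pair
// and the OTHER catch-all pair are assumptions of this example.
enum AuthStat {
  HTTP_AUTH_BASIC_INSECURE = 0,  HTTP_AUTH_BASIC_SECURE = 1,
  HTTP_AUTH_DIGEST_INSECURE = 2, HTTP_AUTH_DIGEST_SECURE = 3,
  HTTP_AUTH_NTLM_INSECURE = 4,   HTTP_AUTH_NTLM_SECURE = 5,
  HTTP_AUTH_NEGOTIATE_INSECURE = 6, HTTP_AUTH_NEGOTIATE_SECURE = 7,
  HTTP_AUTH_OTHER_INSECURE = 8,  HTTP_AUTH_OTHER_SECURE = 9
};

// Extract the auth-scheme token from a challenge value such as
// `Basic realm="x"` or `NTLM`. Scheme names are case-insensitive, so the
// token is lower-cased before comparison (the LowerCaseEqualsASCII idea).
std::string schemeOf(const std::string& challenge) {
  size_t i = 0;
  while (i < challenge.size() && (challenge[i] == ' ' || challenge[i] == '\t')) ++i;
  std::string scheme;
  while (i < challenge.size() && challenge[i] != ' ' && challenge[i] != '\t' &&
         challenge[i] != ',') {
    scheme.push_back(static_cast<char>(std::tolower(static_cast<unsigned char>(challenge[i]))));
    ++i;
  }
  return scheme;
}

// Map (scheme, TLS?) to a bucket. Each test is a plain boolean equality, so
// there is no '!' to get wrong, and the final return counts anything the
// chain does not name instead of dropping it.
AuthStat classify(const std::string& challenge, bool usingTLS) {
  const std::string scheme = schemeOf(challenge);
  if (scheme == "basic")     return usingTLS ? HTTP_AUTH_BASIC_SECURE     : HTTP_AUTH_BASIC_INSECURE;
  if (scheme == "digest")    return usingTLS ? HTTP_AUTH_DIGEST_SECURE    : HTTP_AUTH_DIGEST_INSECURE;
  if (scheme == "ntlm")      return usingTLS ? HTTP_AUTH_NTLM_SECURE      : HTTP_AUTH_NTLM_INSECURE;
  if (scheme == "negotiate") return usingTLS ? HTTP_AUTH_NEGOTIATE_SECURE : HTTP_AUTH_NEGOTIATE_INSECURE;
  return usingTLS ? HTTP_AUTH_OTHER_SECURE : HTTP_AUTH_OTHER_INSECURE;
}

// Stand-in for Telemetry::Accumulate: a per-bucket counter.
struct Histogram {
  std::map<AuthStat, unsigned> counts;
  void accumulate(AuthStat s) { ++counts[s]; }
  unsigned count(AuthStat s) const {
    auto it = counts.find(s);
    return it == counts.end() ? 0 : it->second;
  }
  unsigned total() const {
    unsigned n = 0;
    for (const auto& kv : counts) n += kv.second;
    return n;
  }
};

// One challenge as the probe would see it: header value, whether the
// connection used TLS, and whether it was a proxy (407) rather than an
// origin-server (401) challenge.
struct Challenge { std::string header; bool tls; bool proxy; };

// Run the probe over a batch of challenges. Proxy challenges are skipped so
// that (usually local) proxy auth does not dilute the end-server numbers.
Histogram runProbe(const std::vector<Challenge>& challenges) {
  Histogram h;
  for (const Challenge& c : challenges) {
    if (c.proxy) continue;
    h.accumulate(classify(c.header, c.tls));
  }
  return h;
}

// Constructed sample input for this example; not real telemetry data.
std::vector<Challenge> sampleChallenges() {
  return {
    {"Basic realm=\"router\"",           false, false},
    {"basic realm=\"intranet\"",         false, false},  // lower-case scheme still matches
    {"Basic realm=\"api\"",              true,  false},
    {"Digest realm=\"x\", nonce=\"abc\"", true, false},
    {"NTLM",                             false, false},
    {"Negotiate",                        false, false},  // counted, not dropped
    {"Bearer realm=\"x\"",               true,  false},  // lands in OTHER
    {"Basic realm=\"proxy\"",            false, true},   // proxy challenge, skipped
  };
}

int main() {
  Histogram h = runProbe(sampleChallenges());
  std::cout << "basic/insecure: " << h.count(HTTP_AUTH_BASIC_INSECURE)
            << "  basic/secure: " << h.count(HTTP_AUTH_BASIC_SECURE)
            << "  total counted: " << h.total() << "\n";
  return 0;
}
```

With the constructed input, two of the three Basic challenges are over cleartext, the Negotiate and Bearer challenges are counted rather than lost, and the proxy challenge is excluded, so the total is 7 rather than 8.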
Comment on attachment 8747484 [details] [diff] [review]
Add telemetry to measure incidence of non-TLS use of HTTP AUTH

Carrying forward mayhemer's r+
Attachment #8747484 - Flags: review+
Attachment #8746715 - Attachment is obsolete: true
Gah. Bug 1269153. Requesting checkin.
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/7e1cffeecaae
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla49