Closed Bug 1604267 Opened 2 years ago Closed 2 years ago

add security.tls.version.enable-deprecated to DEFAULT_ENVIRONMENT_PREFS


(Core :: Security: PSM, enhancement, P1)




Tracking Status
firefox73 --- fixed


(Reporter: keeler, Assigned: keeler)


(Blocks 1 open bug)


(Whiteboard: [psm-assigned])


(2 files)

For disabling TLS 1.0/1.1, we want to collect how many users opt to re-enable these versions of TLS using the error page UI, so we need to add security.tls.version.enable-deprecated to DEFAULT_ENVIRONMENT_PREFS.

This adds security.tls.version.enable-deprecated to DEFAULT_ENVIRONMENT_PREFS,
which should tell us how many users have re-enabled TLS 1.0/1.1 via the error
page UI.

Attached file 1604267-data-review
Attachment #9116251 - Flags: data-review?(chutten)
Comment on attachment 9116251 [details]

This data collection will need to be documented. The usual place for userPrefs is [a subsection of the Environment docs](

(the rest of the review request looks good)
Attachment #9116251 - Flags: data-review?(chutten) → data-review-
Comment on attachment 9116251 [details]


    Is there or will there be documentation that describes the schema for the ultimate data set available publicly, complete and accurate?

Yes. This collection is documented in [the in-tree documentation](

    Is there a control mechanism that allows the user to turn the data collection on and off?

Yes. This collection is Telemetry so can be controlled through Firefox's Preferences.

    If the request is for permanent data collection, is there someone who will monitor the data over time?

No. This collection is intended to be removed in 6 months.

    Using the category system of data types on the Mozilla wiki, what collection type of data do the requested measurements fall under?

Category 2, Interaction.

    Is the data collection request for default-on or default-off?

Default on for all channels.

    Does the instrumentation include the addition of any new identifiers?


    Is the data collection covered by the existing Firefox privacy notice?


    Does there need to be a check-in in the future to determine whether to renew the data?

Yes. :tdsmith is responsible for renewing or removing the collection before it expires in six months.

Result: datareview+
Attachment #9116251 - Flags: data-review- → data-review+
Pushed by
collect telemetry to see how many users have used the error page UI to re-enable TLS 1.0/1.1 r=tdsmith,chutten
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla73

I'd set a calendar reminder for today to make sure this collection is still necessary; since the TLS 1.[01] deprecation timeline was extended, we'll need this for longer. I set a followup reminder for May 15, at which point I'll request renewal or not.

You need to log in before you can comment on or make changes to this bug.