Add timing interface for SSL handshake




7 years ago
9 months ago


(Reporter: Honza, Unassigned)


(Depends on: 1 bug)

Dependency tree / graph

Firefox Tracking Flags

(Not tracked)


(Whiteboard: [firebug-p3][necko-would-take])



7 years ago
Firebug's Net panel is using nsIHttpActivityObserver and nsIActivityDistributor to measure various request phases. But it isn't possible to measure SSL Handshake (also OCSP validation step could be nice to measure).

Would it be feasible to append such APIs?



7 years ago
Whiteboard: [firebug-p3]
OCSP is going to get optimized and might probably get also disconnected from a channel/page.

However, I am working on the Necko telemetry for (hopefully) the next aurora merge that should also measure SSL timings and anything (or at least most significant) that SSL invokes.  We don't have API for measuring that so we are probably going to create some.

CC'ing Brian that works on OCSP optimizations.
It should be pretty straightforward to add measurements for certificate path validation in total, and other aspects of the handshake. The detailed information about how long each OCSP request takes may require changes to libpkix, so I filed bug 657584 about that. (Though, we may be able to report this detailed information without changing libpkix since Firefox plugs in its own HTTP implementation to libpkix.)
Severity: normal → enhancement
OS: Windows Vista → All
Hardware: x86 → All
Summary: Firebug: measure SSL timings → Add timing interface for SSL handshake
Version: 1.9.1 Branch → Trunk
Note that the web timing spec has an optional 'secureConnectionStart' field that we could provide if we had this info.

We're currently not implementing the field in our first implementation (see bug 576006 and bug 570341)
Blocks: 650129
This paper has some data on time taken by OCSP:

(just see the table 2 on page 4)

Note the large variance, and also the variance in median values for different responders. I am not sure of the implications of this on the Telemetry though.
Whiteboard: [firebug-p3] → [firebug-p3][necko-would-take]
You need to log in before you can comment on or make changes to this bug.