measure when CRLite and OCSP fetching differ
Categories
(Core :: Security: PSM, enhancement, P1)
Tracking
()
Tracking | Status | |
---|---|---|
firefox94 | --- | fixed |
People
(Reporter: jcj, Assigned: keeler)
References
(Blocks 1 open bug)
Details
(Whiteboard: [psm-assigned])
Attachments
(2 files)
Bug 1675655 - gather telemetry on how often CRLite and OCSP disagree data-review=chutten r?jschanck!
(deleted),
text/x-phabricator-request
|
Details | |
(deleted),
text/plain
|
chutten
:
data-review+
|
Details |
This is to-be-discussed in Monday's meeting, but:
We had on our list the idea of comparing OCSP results against CRLite results and evaluating that telemetry before proceeding to Beta testing.
The problem is, revocations are rare events, almost unto statistical anomalies, so I'm a little concerned as to whether we'll have enough possibility of signal to justify the effort here, compared to just enabling Enforce mode and waiting for bug reports.
Anyway, discuss Monday, and here's the bug should we need it.
Assignee | ||
Comment 1•3 years ago
|
||
(as this is an enhancement, its severity should be n/a)
Assignee | ||
Comment 2•3 years ago
|
||
The added telemetry category labels are cryptically short because there is a
limit of 20 characters for each one.
Assignee | ||
Comment 3•3 years ago
|
||
Comment 4•3 years ago
|
||
Comment on attachment 9242137 [details]
1675655-request.md
DATA COLLECTION REVIEW RESPONSE:
Is there or will there be documentation that describes the schema for the ultimate data set available publicly, complete and accurate?
Yes.
Is there a control mechanism that allows the user to turn the data collection on and off?
Yes. This collection is Telemetry so can be controlled through Firefox's Preferences.
If the request is for permanent data collection, is there someone who will monitor the data over time?
No. This collection will expire in six months.
Using the category system of data types on the Mozilla wiki, what collection type of data do the requested measurements fall under?
Category 2, Interaction.
Is the data collection request for default-on or default-off?
Default on for all channels.
Does the instrumentation include the addition of any new identifiers?
No.
Is the data collection covered by the existing Firefox privacy notice?
Yes.
Does the data collection use a third-party collection tool?
No.
Result: datareview+
Updated•3 years ago
|
Comment 6•3 years ago
|
||
bugherder |
Updated•3 years ago
|
Updated•3 years ago
|
Description
•