Changes

Jump to: navigation, search

Security/Features/TLS Telemetry

218 bytes removed, 23:16, 2 December 2011
no edit summary
The negotiated information may be sufficient for our uses.
|Feature overview=The goal of this telemetry study is to collect SSL/TLS related data that our users encounter in their daily browsing. This data can be used to decide whether Firefox should support legacy / less secure protocols such as weak keys or SSLv2 . |Feature users and use cases=The target users are Firefox users. '''Use Cases'''*Collect cipher suites exchanged during handshake and negotiated cipher *Collect TLS/SSL version *Collect certificate key strength (bits)*Collect TLS/SSL certificate related errors**What kind of errors are our users encountering? **Domain mismatch, expired, untrusted issuer, etc|Feature privacy review=Review is in progress. Please see [[Privacy/Reviews/Telemetry/SSL_Certificates_And_Errors|Privacy review page]]
|Feature implementation notes=Implementation bug
* {{bug|707275}}
|Feature security health=OK
}}
Goals of Study:
 
*Collect cipher suites exchanged during handshake and negotiated cipher
**[http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/public/nsISSLStatus.idl nsISSLStatus.idl] exposes <tt>cipherName</tt>
*Collect TLS/SSL version
*Collect certificate key strength (bits)
**[http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/public/nsISSLStatus.idl nsISSLStatus.idl] exposes <tt>keyLength</tt> and <tt>secretKeyLength</tt>
*Collect TLS/SSL certificate related errors
** [http://mxr.mozilla.org/mozilla-central/source/netwerk/socket/nsITransportSecurityInfo.idl nsITransportSecurityInfo.idl] exposes securityState
** [http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/public/nsIX509Cert3.idl nsIX509Cert3.idl]
**What kind of errors are our users encountering?
**Domain mismatch, expired, untrusted issuer, etc
Dchan
Confirm
110
edits
Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/375424"

Navigation menu