Security/Features/TLS Telemetry: Difference between revisions

Security/Features/TLS Telemetry (view source)

111 bytes added , 30 December 2011

no edit summary

Confirmed users

110

edits

@@ Line 25: / Line 25: @@
 * Collect ratio of SSL/TLS OK vs FAIL connections
 ** This should be represented in the number of errors + version datapoints collected below
-** This is a sanity check to make sure we aren't missing some workflow
+** <del>This is a sanity check to make sure we aren't missing some workflow</del> No longer explicitly collecting this histogram
 * Collect cipher suites exchanged during handshake and negotiated cipher
 ** Ciphersuites in PSM are ordered in decreasing preference. The SSL/TLS specification says that the client should send their supported ciphersuites in this order. The server then choose the most preferred ciphersuite that it also supports.
@@ Line 36: / Line 36: @@
 ** It would be desirable to disable weak certificates. {{bug|360126}}
 * Collect SSL/TLS certificate related errors
-** We ignore NSS protocol errors
+** <del>We ignore NSS protocol errors</del> We are now collecting all returned errors
 ** We will collect the exact error that NSS returns to PSM if it is a certificate error.
 ** For some of these errors, we will collect additional information.