Confirm
110
edits
Changes
no edit summary
* Collect ratio of SSL/TLS OK vs FAIL connections
** This should be represented in the number of errors + version datapoints collected below
** <del>This is a sanity check to make sure we aren't missing some workflow</del> No longer explicitly collecting this histogram
* Collect cipher suites exchanged during handshake and negotiated cipher
** Ciphersuites in PSM are ordered in decreasing preference. The SSL/TLS specification says that the client should send their supported ciphersuites in this order. The server then choose the most preferred ciphersuite that it also supports.
** It would be desirable to disable weak certificates. {{bug|360126}}
* Collect SSL/TLS certificate related errors
** <del>We ignore NSS protocol errors</del> We are now collecting all returned errors
** We will collect the exact error that NSS returns to PSM if it is a certificate error.
** For some of these errors, we will collect additional information.
