metrics.yaml (55176B)
1 # This Source Code Form is subject to the terms of the Mozilla Public 2 # License, v. 2.0. If a copy of the MPL was not distributed with this 3 # file, You can obtain one at http://mozilla.org/MPL/2.0/. 4 # Adding a new metric? We have docs for that! 5 # https://firefox-source-docs.mozilla.org/toolkit/components/glean/user/new_definitions_file.html 6 7 --- 8 $schema: moz://mozilla.org/schemas/glean/metrics/2-0-0 9 $tags: 10 - 'Core :: Security: PSM' 11 12 data_storage: 13 alternate_services: 14 type: quantity 15 description: 16 The number of entries stored in the AlternateServices nsIDataStorage 17 bugs: 18 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080 19 data_reviews: 20 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080 21 data_sensitivity: 22 - interaction 23 notification_emails: 24 - dkeeler@mozilla.com 25 expires: never 26 unit: entries 27 client_auth_remember_list: 28 type: quantity 29 description: 30 The number of entries stored in the ClientAuthRememberList nsIDataStorage 31 bugs: 32 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080 33 data_reviews: 34 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080 35 data_sensitivity: 36 - interaction 37 notification_emails: 38 - dkeeler@mozilla.com 39 expires: never 40 unit: entries 41 site_security_service_state: 42 type: quantity 43 description: 44 The number of entries stored in the SiteSecurityServiceState nsIDataStorage 45 bugs: 46 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080 47 data_reviews: 48 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080 49 data_sensitivity: 50 - interaction 51 notification_emails: 52 - dkeeler@mozilla.com 53 expires: never 54 unit: entries 55 56 tls: 57 certificate_verifications: 58 type: counter 59 description: > 60 The total number of successful TLS server certificate verifications. 61 bugs: 62 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 63 data_reviews: 64 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 65 notification_emails: 66 - dkeeler@mozilla.com 67 expires: never 68 xyber_intolerance_reason: 69 type: labeled_counter 70 description: > 71 The error that was returned from a failed TLS 1.3 handshake in which the client sent a mlkem768x25519 key share (see tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp). 72 data_sensitivity: 73 - technical 74 bugs: 75 - https://bugzilla.mozilla.org/1874963 76 - https://bugzilla.mozilla.org/1933879 77 - https://bugzilla.mozilla.org/2005387 78 data_reviews: 79 - https://bugzilla.mozilla.org/1874963 80 - https://bugzilla.mozilla.org/1974141 81 notification_emails: 82 - jschanck@mozilla.com 83 expires: 158 84 labels: 85 - PR_CONNECT_RESET_ERROR 86 - PR_END_OF_FILE_ERROR 87 - SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE 88 - SSL_ERROR_BAD_MAC_ALERT 89 - SSL_ERROR_BAD_MAC_READ 90 - SSL_ERROR_DECODE_ERROR_ALERT 91 - SSL_ERROR_HANDSHAKE_FAILED 92 - SSL_ERROR_HANDSHAKE_FAILURE_ALERT 93 - SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT 94 - SSL_ERROR_ILLEGAL_PARAMETER_ALERT 95 - SSL_ERROR_INTERNAL_ERROR_ALERT 96 - SSL_ERROR_KEY_EXCHANGE_FAILURE 97 - SSL_ERROR_NO_CYPHER_OVERLAP 98 - SSL_ERROR_PROTOCOL_VERSION_ALERT 99 - SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE 100 - SSL_ERROR_RX_MALFORMED_HYBRID_KEY_SHARE 101 - SSL_ERROR_UNSUPPORTED_VERSION 102 103 cipher_suite: 104 type: custom_distribution 105 description: > 106 Negotiated cipher suite in TLS handshake (see key in AccumulateCipherSuite 107 in nsNSSCallbacks.cpp) 108 109 This metric was generated to correspond to the Legacy Telemetry enumerated 110 histogram TLS_CIPHER_SUITE. 111 range_min: 0 112 range_max: 64 113 bucket_count: 65 114 histogram_type: linear 115 bugs: 116 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 117 data_reviews: 118 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 119 notification_emails: 120 - seceng-telemetry@mozilla.com 121 expires: never 122 telemetry_mirror: TLS_CIPHER_SUITE 123 124 cert_compression: 125 failures: 126 type: labeled_counter 127 description: 128 The number of times each certificate compression algorithm returned an error. 129 data_sensitivity: 130 - interaction 131 bugs: 132 - https://bugzilla.mozilla.org/show_bug.cgi?id=1881027 133 - https://bugzilla.mozilla.org/show_bug.cgi?id=1933864 134 data_reviews: 135 - https://bugzilla.mozilla.org/1881027 136 notification_emails: 137 - anna.weine@mozilla.com 138 expires: never 139 labels: 140 - zlib 141 - brotli 142 - zstd 143 144 verification_used_cert_from: 145 tls_handshake: 146 type: rate 147 description: > 148 How many successfully-built certificate chains used a certificate from the TLS handshake. 149 bugs: 150 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 151 data_reviews: 152 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 153 notification_emails: 154 - dkeeler@mozilla.com 155 expires: never 156 denominator_metric: tls.certificate_verifications 157 preloaded_intermediates: 158 type: rate 159 description: > 160 How many successfully-built certificate chains used a certificate from preloaded intermediates. 161 bugs: 162 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 163 data_reviews: 164 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 165 notification_emails: 166 - dkeeler@mozilla.com 167 expires: never 168 denominator_metric: tls.certificate_verifications 169 third_party_certificates: 170 type: rate 171 description: > 172 How many successfully-built certificate chains used a third-party certificate from the OS. 173 bugs: 174 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 175 data_reviews: 176 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 177 notification_emails: 178 - dkeeler@mozilla.com 179 expires: never 180 denominator_metric: tls.certificate_verifications 181 nss_cert_db: 182 type: rate 183 description: > 184 How many successfully-built certificate chains used a certificate from the NSS cert DB. 185 bugs: 186 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 187 data_reviews: 188 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 189 notification_emails: 190 - dkeeler@mozilla.com 191 expires: never 192 denominator_metric: tls.certificate_verifications 193 built_in_roots_module: 194 type: rate 195 description: > 196 How many successfully-built certificate chains used a certificate from the built-in roots module. 197 bugs: 198 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 199 data_reviews: 200 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435 201 notification_emails: 202 - dkeeler@mozilla.com 203 expires: never 204 denominator_metric: tls.certificate_verifications 205 206 pkcs11: 207 third_party_modules_loaded: 208 type: quantity 209 description: 210 The number of third-party PKCS#11 modules loaded. 211 bugs: 212 - https://bugzilla.mozilla.org/show_bug.cgi?id=1905453 213 data_reviews: 214 - https://bugzilla.mozilla.org/show_bug.cgi?id=1905453 215 data_sensitivity: 216 - interaction 217 notification_emails: 218 - dkeeler@mozilla.com 219 expires: never 220 unit: modules 221 222 third_party_module_signature_type: 223 type: event 224 description: > 225 The filename (leaf name only) and macOS code signature type of a 226 third-party PKCS#11 module collected when the module is first loaded and 227 added to the profile. Only collected on macOS. 228 data_sensitivity: 229 - interaction 230 lifetime: ping 231 send_in_pings: 232 - default 233 bugs: 234 - https://bugzilla.mozilla.org/show_bug.cgi?id=1905453 235 data_reviews: 236 - https://bugzilla.mozilla.org/show_bug.cgi?id=1905453 237 notification_emails: 238 - haftandilian@mozilla.com 239 expires: 159 240 extra_keys: 241 filename: 242 type: string 243 description: Filename 244 signature: 245 type: string 246 description: Code signature type (Ad-hoc, App Store, Developer ID, etc.) 247 248 third_party_module_profile_entries: 249 type: string_list 250 description: > 251 A list of PKCS#11 module filenames (leaf names only) that are in the 252 profile at launch time. 253 data_sensitivity: 254 - interaction 255 lifetime: ping 256 send_in_pings: 257 - default 258 notification_emails: 259 - haftandilian@mozilla.com 260 bugs: 261 - https://bugzilla.mozilla.org/show_bug.cgi?id=1905453 262 data_reviews: 263 - https://bugzilla.mozilla.org/show_bug.cgi?id=1905453 264 expires: 159 265 266 external_trust_anchor_module_loaded: 267 type: boolean 268 description: 269 Whether or not an external trust anchor module was loaded. 270 bugs: 271 - https://bugzilla.mozilla.org/show_bug.cgi?id=1958977 272 data_reviews: 273 - https://bugzilla.mozilla.org/show_bug.cgi?id=1958977 274 data_sensitivity: 275 - interaction 276 notification_emails: 277 - anna.weine@mozilla.com 278 - dkeeler@mozilla.com 279 expires: never 280 281 cert_verification_time: 282 success: 283 type: timing_distribution 284 time_unit: microsecond 285 description: > 286 The time it takes to successfully verify a certificate in a TLS handshake. 287 bugs: 288 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 289 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794 290 data_reviews: 291 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 292 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794 293 data_sensitivity: 294 - technical 295 notification_emails: 296 - seceng-telemetry@mozilla.com 297 - dkeeler@mozilla.com 298 expires: never 299 300 failure: 301 type: timing_distribution 302 time_unit: microsecond 303 description: > 304 The time it takes to fail to verify a certificate in a TLS handshake. 305 bugs: 306 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 307 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794 308 data_reviews: 309 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 310 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794 311 data_sensitivity: 312 - technical 313 notification_emails: 314 - seceng-telemetry@mozilla.com 315 - dkeeler@mozilla.com 316 expires: never 317 318 ocsp_request_time: 319 success: 320 type: timing_distribution 321 time_unit: millisecond 322 description: > 323 The time it takes to make an OCSP request that succeeded. 324 bugs: 325 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 326 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794 327 data_reviews: 328 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 329 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794 330 data_sensitivity: 331 - technical 332 notification_emails: 333 - seceng-telemetry@mozilla.com 334 - dkeeler@mozilla.com 335 expires: never 336 337 failure: 338 type: timing_distribution 339 time_unit: millisecond 340 description: > 341 The time it takes to make an OCSP request that failed. 342 bugs: 343 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 344 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794 345 data_reviews: 346 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 347 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794 348 data_sensitivity: 349 - technical 350 notification_emails: 351 - seceng-telemetry@mozilla.com 352 - dkeeler@mozilla.com 353 expires: never 354 355 cancel: 356 type: timing_distribution 357 time_unit: millisecond 358 description: > 359 The time it takes to make an OCSP request that was cancelled. 360 bugs: 361 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 362 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794 363 data_reviews: 364 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 365 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794 366 data_sensitivity: 367 - technical 368 notification_emails: 369 - seceng-telemetry@mozilla.com 370 - dkeeler@mozilla.com 371 expires: never 372 373 networking: 374 nss_initialization: 375 type: quantity 376 description: > 377 The time in milliseconds to initialize the NSS component in the 378 parent process. 379 This metric was generated to correspond to the Legacy Telemetry 380 scalar networking.nss_initialization. 381 bugs: 382 - https://bugzil.la/1628734 383 data_reviews: 384 - https://bugzil.la/1628734 385 notification_emails: 386 - mconley@mozilla.com 387 - dkeeler@mozilla.com 388 expires: never 389 unit: millisecond 390 telemetry_mirror: NETWORKING_NSS_INITIALIZATION 391 392 loading_certs_task: 393 type: quantity 394 description: > 395 The time in milliseconds to load any external certificates. This 396 occurs off of the main-thread, but can block main-thread operations. 397 This metric was generated to correspond to the Legacy Telemetry 398 scalar networking.loading_certs_task. 399 bugs: 400 - https://bugzil.la/1628734 401 data_reviews: 402 - https://bugzil.la/1628734 403 notification_emails: 404 - mconley@mozilla.com 405 - dkeeler@mozilla.com 406 expires: never 407 unit: millisecond 408 telemetry_mirror: NETWORKING_LOADING_CERTS_TASK 409 410 security: 411 client_auth_cert_usage: 412 type: labeled_counter 413 description: > 414 Measures how many servers have requested a client authentication 415 certificate (key: "requested") and how many times the user has opted 416 to send one in response (key: "sent"). 417 This metric was generated to correspond to the Legacy Telemetry 418 scalar security.client_auth_cert_usage. 419 bugs: 420 - https://bugzil.la/1749884 421 data_reviews: 422 - https://bugzil.la/1749884 423 notification_emails: 424 - dkeeler@mozilla.com 425 expires: never 426 telemetry_mirror: SECURITY_CLIENT_AUTH_CERT_USAGE 427 428 addon_signature_verification_status: 429 type: custom_distribution 430 description: > 431 Records the result of App Signature Verification. See the comments in 432 OpenSignedAppFile. 433 434 This metric was generated to correspond to the Legacy Telemetry enumerated 435 histogram ADDON_SIGNATURE_VERIFICATION_STATUS. 436 range_min: 0 437 range_max: 32 438 bucket_count: 33 439 histogram_type: linear 440 bugs: 441 - https://bugzilla.mozilla.org/show_bug.cgi?id=1771523 442 data_reviews: 443 - https://bugzilla.mozilla.org/show_bug.cgi?id=1771523 444 notification_emails: 445 - seceng-telemetry@mozilla.com 446 expires: never 447 telemetry_mirror: ADDON_SIGNATURE_VERIFICATION_STATUS 448 449 content_signature_verification_status: 450 type: custom_distribution 451 description: > 452 What was the result of the content signature verification? 0=valid, 453 1=invalid, 2=noCertChain, 3=createContextFailedWithOtherError, 454 4=expiredCert, 5=certNotValidYet, 6=buildCertChainFailed, 455 7=eeCertForWrongHost, 8=extractKeyError, 9=vfyContextError 456 457 This metric was generated to correspond to the Legacy Telemetry enumerated 458 histogram CONTENT_SIGNATURE_VERIFICATION_STATUS. 459 range_min: 0 460 range_max: 20 461 bucket_count: 21 462 histogram_type: linear 463 bugs: 464 - https://bugzilla.mozilla.org/show_bug.cgi?id=1258647 465 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 466 data_reviews: 467 - https://bugzilla.mozilla.org/show_bug.cgi?id=1258647 468 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 469 notification_emails: 470 - seceng-telemetry@mozilla.com 471 expires: never 472 telemetry_mirror: CONTENT_SIGNATURE_VERIFICATION_STATUS 473 474 content_signature_verification_errors: 475 type: dual_labeled_counter 476 description: > 477 Result of the content signature verification keyed by application 478 (certificate fingerprint). 479 dual_labels: 480 key: 481 description: application (certificate fingerprint). 482 category: 483 labels: 484 - invalid 485 - otherError 486 - expiredCert 487 - certNotValidYet 488 - buildCertChainFailed 489 - eeCertForWrongHost 490 - extractKeyError 491 - vfyContextError 492 description: Possible signature verification errors. 493 bugs: 494 - https://bugzilla.mozilla.org/show_bug.cgi?id=1435713 495 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 496 data_reviews: 497 - https://bugzilla.mozilla.org/show_bug.cgi?id=1435713 498 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 499 notification_emails: 500 - seceng-telemetry@mozilla.com 501 expires: never 502 503 ntlm_module_used: 504 type: custom_distribution 505 description: > 506 The module used for the NTLM protocol (Windows_API, Kerberos, Samba_auth 507 or Generic) and whether or not the authentication was used to connect to a 508 proxy server. This data is collected only once per session (at first NTLM 509 authentification) ; fixed version. 510 511 This metric was generated to correspond to the Legacy Telemetry enumerated 512 histogram NTLM_MODULE_USED_2. 513 range_min: 0 514 range_max: 8 515 bucket_count: 9 516 histogram_type: linear 517 bugs: 518 - https://bugzilla.mozilla.org/show_bug.cgi?id=1956726 519 data_reviews: 520 - https://bugzilla.mozilla.org/show_bug.cgi?id=1956726 521 notification_emails: 522 - seceng-telemetry@mozilla.com 523 expires: never 524 telemetry_mirror: NTLM_MODULE_USED_2 525 526 cert: 527 ev_status: 528 type: custom_distribution 529 description: > 530 EV status of a certificate, recorded on each TLS connection. 0=invalid, 531 1=DV, 2=EV 532 533 This metric was generated to correspond to the Legacy Telemetry enumerated 534 histogram CERT_EV_STATUS. 535 range_min: 0 536 range_max: 10 537 bucket_count: 11 538 histogram_type: linear 539 bugs: 540 - https://bugzilla.mozilla.org/show_bug.cgi?id=1254653 541 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 542 data_reviews: 543 - https://bugzilla.mozilla.org/show_bug.cgi?id=1254653 544 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 545 notification_emails: 546 - seceng-telemetry@mozilla.com 547 expires: never 548 telemetry_mirror: CERT_EV_STATUS 549 550 validation_success_by_ca_2: 551 type: custom_distribution 552 description: > 553 Successful SSL server cert validations by CA (see KnownRootHashes.txt for 554 names of CAs). 555 range_min: 0 556 range_max: 256 557 bucket_count: 257 558 histogram_type: linear 559 bugs: 560 - https://bugzilla.mozilla.org/show_bug.cgi?id=1364159 561 - https://bugzilla.mozilla.org/show_bug.cgi?id=1369747 562 - https://bugzilla.mozilla.org/show_bug.cgi?id=1441550 563 - https://bugzilla.mozilla.org/show_bug.cgi?id=1909978 564 - https://bugzilla.mozilla.org/show_bug.cgi?id=1972339 565 data_reviews: 566 - https://bugzilla.mozilla.org/show_bug.cgi?id=1364159 567 - https://bugzilla.mozilla.org/show_bug.cgi?id=1369747 568 - https://bugzilla.mozilla.org/show_bug.cgi?id=1441550 569 - https://bugzilla.mozilla.org/show_bug.cgi?id=1909978 570 - https://bugzilla.mozilla.org/show_bug.cgi?id=1972339 571 notification_emails: 572 - seceng-telemetry@mozilla.com 573 - dkeeler@mozilla.com 574 expires: never 575 576 chain_key_size_status: 577 type: custom_distribution 578 description: > 579 Does enforcing a larger minimum RSA key size cause verification failures? 580 1 = no, 2 = yes, 3 = another error prevented finding a verified chain 581 582 This metric was generated to correspond to the Legacy Telemetry enumerated 583 histogram CERT_CHAIN_KEY_SIZE_STATUS. 584 range_min: 0 585 range_max: 4 586 bucket_count: 5 587 histogram_type: linear 588 bugs: 589 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 590 data_reviews: 591 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 592 notification_emails: 593 - seceng-telemetry@mozilla.com 594 expires: never 595 telemetry_mirror: CERT_CHAIN_KEY_SIZE_STATUS 596 597 validation_http_request_result: 598 type: custom_distribution 599 description: > 600 HTTP result of OCSP, etc.. (0=canceled, 1=OK, 2=FAILED, 3=internal-error) 601 602 This metric was generated to correspond to the Legacy Telemetry enumerated 603 histogram CERT_VALIDATION_HTTP_REQUEST_RESULT. 604 range_min: 0 605 range_max: 16 606 bucket_count: 17 607 histogram_type: linear 608 bugs: 609 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 610 data_reviews: 611 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 612 notification_emails: 613 - seceng-telemetry@mozilla.com 614 expires: never 615 telemetry_mirror: CERT_VALIDATION_HTTP_REQUEST_RESULT 616 617 cert_pinning: 618 failures_by_ca_2: 619 type: custom_distribution 620 description: > 621 Pinning failures by CA (see KnownRootHashes.txt for names of CAs). 622 range_min: 0 623 range_max: 256 624 bucket_count: 257 625 histogram_type: linear 626 bugs: 627 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 628 - https://bugzilla.mozilla.org/show_bug.cgi?id=1909978 629 - https://bugzilla.mozilla.org/show_bug.cgi?id=1972339 630 data_reviews: 631 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 632 - https://bugzilla.mozilla.org/show_bug.cgi?id=1909978 633 - https://bugzilla.mozilla.org/show_bug.cgi?id=1972339 634 notification_emails: 635 - pinning@mozilla.org 636 - dkeeler@mozilla.com 637 expires: never 638 639 results: 640 type: labeled_counter 641 description: > 642 Certificate pinning results (0 = failure, 1 = success) 643 644 This metric was generated to correspond to the Legacy Telemetry boolean 645 histogram CERT_PINNING_RESULTS. 646 labels: 647 - "false" 648 - "true" 649 bugs: 650 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 651 data_reviews: 652 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 653 notification_emails: 654 - pinning@mozilla.org 655 expires: never 656 telemetry_mirror: h#CERT_PINNING_RESULTS 657 658 test_results: 659 type: labeled_counter 660 description: > 661 Certificate pinning test results (0 = failure, 1 = success) 662 663 This metric was generated to correspond to the Legacy Telemetry boolean 664 histogram CERT_PINNING_TEST_RESULTS. 665 labels: 666 - "false" 667 - "true" 668 bugs: 669 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 670 data_reviews: 671 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 672 notification_emails: 673 - pinning@mozilla.org 674 expires: never 675 telemetry_mirror: h#CERT_PINNING_TEST_RESULTS 676 677 moz_results_by_host: 678 type: custom_distribution 679 description: > 680 Certificate pinning results by host for Mozilla operational sites 681 682 This metric was generated to correspond to the Legacy Telemetry enumerated 683 histogram CERT_PINNING_MOZ_RESULTS_BY_HOST. 684 range_min: 0 685 range_max: 512 686 bucket_count: 513 687 histogram_type: linear 688 bugs: 689 - https://bugzilla.mozilla.org/show_bug.cgi?id=1007844 690 - https://bugzilla.mozilla.org/show_bug.cgi?id=1521940 691 data_reviews: 692 - https://bugzilla.mozilla.org/show_bug.cgi?id=1007844 693 - https://bugzilla.mozilla.org/show_bug.cgi?id=1521940 694 notification_emails: 695 - dkeeler@mozilla.com 696 - pinning@mozilla.org 697 expires: never 698 telemetry_mirror: CERT_PINNING_MOZ_RESULTS_BY_HOST 699 700 moz_test_results_by_host: 701 type: custom_distribution 702 description: > 703 Certificate pinning test results by host for Mozilla operational sites 704 705 This metric was generated to correspond to the Legacy Telemetry enumerated 706 histogram CERT_PINNING_MOZ_TEST_RESULTS_BY_HOST. 707 range_min: 0 708 range_max: 512 709 bucket_count: 513 710 histogram_type: linear 711 bugs: 712 - https://bugzilla.mozilla.org/show_bug.cgi?id=1007844 713 - https://bugzilla.mozilla.org/show_bug.cgi?id=1521940 714 data_reviews: 715 - https://bugzilla.mozilla.org/show_bug.cgi?id=1007844 716 - https://bugzilla.mozilla.org/show_bug.cgi?id=1521940 717 notification_emails: 718 - dkeeler@mozilla.com 719 - pinning@mozilla.org 720 expires: never 721 telemetry_mirror: CERT_PINNING_MOZ_TEST_RESULTS_BY_HOST 722 723 ssl_handshake: 724 version: 725 type: custom_distribution 726 description: > 727 Negotiated SSL Version (1=tls1, 2=tls1.1, 3=tls1.2, 4=tls1.3) 728 729 This metric was generated to correspond to the Legacy Telemetry enumerated 730 histogram SSL_HANDSHAKE_VERSION. 731 range_min: 0 732 range_max: 16 733 bucket_count: 17 734 histogram_type: linear 735 bugs: 736 - https://bugzilla.mozilla.org/show_bug.cgi?id=1250568 737 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 738 data_reviews: 739 - https://bugzilla.mozilla.org/show_bug.cgi?id=1250568 740 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 741 notification_emails: 742 - seceng-telemetry@mozilla.com 743 expires: never 744 telemetry_mirror: SSL_HANDSHAKE_VERSION 745 746 privacy: 747 type: custom_distribution 748 description: > 749 0th bit - TLS13 used? 1th bit - Revocation Privacy, 2nd bit - DNS Privacy, 750 3rd bit - ECH Privacy 751 752 This metric was generated to correspond to the Legacy Telemetry enumerated 753 histogram SSL_HANDSHAKE_PRIVACY. 754 range_min: 0 755 range_max: 16 756 bucket_count: 17 757 histogram_type: linear 758 bugs: 759 - https://bugzilla.mozilla.org/show_bug.cgi?id=1788290 760 data_reviews: 761 - https://bugzilla.mozilla.org/show_bug.cgi?id=1788290 762 notification_emails: 763 - seceng-telemetry@mozilla.com 764 expires: never 765 telemetry_mirror: SSL_HANDSHAKE_PRIVACY 766 767 result: 768 type: custom_distribution 769 description: > 770 SSL handshake result, 0=success, 1-255=NSS error offset, 256-511=SEC error 771 offset + 256, 512-639=NSPR error offset + 512, 640-670=PKIX error, 772 671=unknown err 773 774 This metric was generated to correspond to the Legacy Telemetry enumerated 775 histogram SSL_HANDSHAKE_RESULT. 776 range_min: 0 777 range_max: 672 778 bucket_count: 673 779 histogram_type: linear 780 bugs: 781 - https://bugzilla.mozilla.org/show_bug.cgi?id=1331280 782 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 783 data_reviews: 784 - https://bugzilla.mozilla.org/show_bug.cgi?id=1331280 785 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 786 notification_emails: 787 - seceng-telemetry@mozilla.com 788 expires: never 789 telemetry_mirror: SSL_HANDSHAKE_RESULT 790 791 result_first_try: 792 type: custom_distribution 793 description: > 794 SSL handshake result for first-try connections, 0=success, 1-255=NSS error 795 offset, 256-511=SEC error offset + 256, 512-639=NSPR error offset + 512, 796 640-670=PKIX error, 671=unknown err 797 798 This metric was generated to correspond to the Legacy Telemetry enumerated 799 histogram SSL_HANDSHAKE_RESULT_FIRST_TRY. 800 range_min: 0 801 range_max: 672 802 bucket_count: 673 803 histogram_type: linear 804 bugs: 805 - https://bugzilla.mozilla.org/show_bug.cgi?id=1780014 806 data_reviews: 807 - https://bugzilla.mozilla.org/show_bug.cgi?id=1780014 808 notification_emails: 809 - seceng-telemetry@mozilla.com 810 expires: never 811 telemetry_mirror: SSL_HANDSHAKE_RESULT_FIRST_TRY 812 813 result_conservative: 814 type: custom_distribution 815 description: > 816 SSL handshake result for conservative mode connections, 0=success, 817 1-255=NSS error offset, 256-511=SEC error offset + 256, 512-639=NSPR error 818 offset + 512, 640-670=PKIX error, 671=unknown err 819 820 This metric was generated to correspond to the Legacy Telemetry enumerated 821 histogram SSL_HANDSHAKE_RESULT_CONSERVATIVE. 822 range_min: 0 823 range_max: 672 824 bucket_count: 673 825 histogram_type: linear 826 bugs: 827 - https://bugzilla.mozilla.org/show_bug.cgi?id=1780014 828 data_reviews: 829 - https://bugzilla.mozilla.org/show_bug.cgi?id=1780014 830 notification_emails: 831 - seceng-telemetry@mozilla.com 832 expires: never 833 telemetry_mirror: SSL_HANDSHAKE_RESULT_CONSERVATIVE 834 835 result_ech: 836 type: custom_distribution 837 description: > 838 SSL handshake result for connections which used ECH 'Real', 0=success, 839 1-255=NSS error offset, 256-511=SEC error offset + 256, 512-639=NSPR error 840 offset + 512, 640-670=PKIX error, 671=unknown err 841 842 This metric was generated to correspond to the Legacy Telemetry enumerated 843 histogram SSL_HANDSHAKE_RESULT_ECH. 844 range_min: 0 845 range_max: 672 846 bucket_count: 673 847 histogram_type: linear 848 bugs: 849 - https://bugzilla.mozilla.org/show_bug.cgi?id=1771479 850 data_reviews: 851 - https://bugzilla.mozilla.org/show_bug.cgi?id=1771479 852 notification_emails: 853 - seceng-telemetry@mozilla.com 854 expires: never 855 telemetry_mirror: SSL_HANDSHAKE_RESULT_ECH 856 857 result_ech_grease: 858 type: custom_distribution 859 description: > 860 SSL handshake result for connections which used ECH GREASE, 0=success, 861 1-255=NSS error offset, 256-511=SEC error offset + 256, 512-639=NSPR error 862 offset + 512, 640-670=PKIX error, 671=unknown err 863 864 This metric was generated to correspond to the Legacy Telemetry enumerated 865 histogram SSL_HANDSHAKE_RESULT_ECH_GREASE. 866 range_min: 0 867 range_max: 672 868 bucket_count: 673 869 histogram_type: linear 870 bugs: 871 - https://bugzilla.mozilla.org/show_bug.cgi?id=1771479 872 data_reviews: 873 - https://bugzilla.mozilla.org/show_bug.cgi?id=1771479 874 notification_emails: 875 - seceng-telemetry@mozilla.com 876 expires: never 877 telemetry_mirror: SSL_HANDSHAKE_RESULT_ECH_GREASE 878 879 completed: 880 type: custom_distribution 881 description: > 882 Type of handshake (1=resumption, 2=false started, 3=chose not to false 883 start, 4=not allowed to false start) 884 885 This metric was generated to correspond to the Legacy Telemetry enumerated 886 histogram SSL_HANDSHAKE_TYPE. 887 range_min: 0 888 range_max: 8 889 bucket_count: 9 890 histogram_type: linear 891 bugs: 892 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 893 data_reviews: 894 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 895 notification_emails: 896 - seceng-telemetry@mozilla.com 897 expires: never 898 telemetry_mirror: SSL_HANDSHAKE_TYPE 899 900 ssl: 901 time_until_ready: 902 type: timing_distribution 903 description: > 904 ms of SSL wait time including TCP and proxy tunneling 905 906 This metric was generated to correspond to the Legacy Telemetry 907 exponential histogram SSL_TIME_UNTIL_READY. 908 time_unit: millisecond 909 bugs: 910 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 911 data_reviews: 912 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 913 notification_emails: 914 - seceng-telemetry@mozilla.com 915 expires: never 916 telemetry_mirror: SSL_TIME_UNTIL_READY 917 918 time_until_ready_first_try: 919 type: timing_distribution 920 description: > 921 ms of SSL wait time including TCP and proxy tunneling for first-try 922 connections 923 924 This metric was generated to correspond to the Legacy Telemetry 925 exponential histogram SSL_TIME_UNTIL_READY_FIRST_TRY. 926 time_unit: millisecond 927 bugs: 928 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 929 data_reviews: 930 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 931 notification_emails: 932 - seceng-telemetry@mozilla.com 933 expires: never 934 telemetry_mirror: SSL_TIME_UNTIL_READY_FIRST_TRY 935 936 time_until_ready_conservative: 937 type: timing_distribution 938 description: > 939 ms of SSL wait time including TCP and proxy tunneling for 940 conservative-mode connections 941 942 This metric was generated to correspond to the Legacy Telemetry 943 exponential histogram SSL_TIME_UNTIL_READY_CONSERVATIVE. 944 time_unit: millisecond 945 bugs: 946 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 947 data_reviews: 948 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 949 notification_emails: 950 - seceng-telemetry@mozilla.com 951 expires: never 952 telemetry_mirror: SSL_TIME_UNTIL_READY_CONSERVATIVE 953 954 time_until_ready_ech: 955 type: timing_distribution 956 description: > 957 ms of SSL wait time including TCP and proxy tunneling for connections 958 using ECH 'Real' 959 960 This metric was generated to correspond to the Legacy Telemetry 961 exponential histogram SSL_TIME_UNTIL_READY_ECH. 962 time_unit: millisecond 963 bugs: 964 - https://bugzilla.mozilla.org/show_bug.cgi?id=1771479 965 data_reviews: 966 - https://bugzilla.mozilla.org/show_bug.cgi?id=1771479 967 notification_emails: 968 - seceng-telemetry@mozilla.com 969 expires: never 970 telemetry_mirror: SSL_TIME_UNTIL_READY_ECH 971 972 time_until_ready_ech_grease: 973 type: timing_distribution 974 description: > 975 ms of SSL wait time including TCP and proxy tunneling for connections 976 using ECH GREASE 977 978 This metric was generated to correspond to the Legacy Telemetry 979 exponential histogram SSL_TIME_UNTIL_READY_ECH_GREASE. 980 time_unit: millisecond 981 bugs: 982 - https://bugzilla.mozilla.org/show_bug.cgi?id=1771479 983 data_reviews: 984 - https://bugzilla.mozilla.org/show_bug.cgi?id=1771479 985 notification_emails: 986 - seceng-telemetry@mozilla.com 987 expires: never 988 telemetry_mirror: SSL_TIME_UNTIL_READY_ECH_GREASE 989 990 time_until_handshake_finished_keyed_by_ka: 991 type: labeled_timing_distribution 992 description: > 993 ms of SSL wait time for full handshake including TCP and proxy tunneling, 994 keyed by the key exchange algorithm used 995 996 This metric was generated to correspond to the Legacy Telemetry 997 exponential histogram SSL_TIME_UNTIL_HANDSHAKE_FINISHED_KEYED_BY_KA. 998 time_unit: millisecond 999 bugs: 1000 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 1001 - https://bugzilla.mozilla.org/show_bug.cgi?id=1513839 1002 data_reviews: 1003 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 1004 - https://bugzilla.mozilla.org/show_bug.cgi?id=1513839 1005 notification_emails: 1006 - seceng-telemetry@mozilla.com 1007 expires: never 1008 telemetry_mirror: SSL_TIME_UNTIL_HANDSHAKE_FINISHED_KEYED_BY_KA 1009 1010 bytes_before_cert_callback: 1011 type: memory_distribution 1012 description: > 1013 plaintext bytes read before a server certificate authenticated 1014 1015 This metric was generated to correspond to the Legacy Telemetry 1016 exponential histogram SSL_BYTES_BEFORE_CERT_CALLBACK. 1017 memory_unit: byte 1018 bugs: 1019 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1020 data_reviews: 1021 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1022 notification_emails: 1023 - seceng-telemetry@mozilla.com 1024 expires: never 1025 telemetry_mirror: SSL_BYTES_BEFORE_CERT_CALLBACK 1026 1027 npn_type: 1028 type: custom_distribution 1029 description: > 1030 NPN Results (0=none, 1=negotiated, 2=no-overlap, 3=selected(alpn)) 1031 1032 This metric was generated to correspond to the Legacy Telemetry enumerated 1033 histogram SSL_NPN_TYPE. 1034 range_min: 0 1035 range_max: 16 1036 bucket_count: 17 1037 histogram_type: linear 1038 bugs: 1039 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1040 data_reviews: 1041 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1042 notification_emails: 1043 - seceng-telemetry@mozilla.com 1044 expires: never 1045 telemetry_mirror: SSL_NPN_TYPE 1046 1047 resumed_session: 1048 type: labeled_counter 1049 description: > 1050 complete TLS connect that used TLS Session Resumption (collected at same 1051 time as SSL_TIME_UNTIL_HANDSHAKE_FINISHED) 1052 1053 This metric was generated to correspond to the Legacy Telemetry boolean 1054 histogram SSL_RESUMED_SESSION. 1055 labels: 1056 - "false" 1057 - "true" 1058 bugs: 1059 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 1060 data_reviews: 1061 - https://bugzilla.mozilla.org/show_bug.cgi?id=1340021 1062 notification_emails: 1063 - seceng-telemetry@mozilla.com 1064 expires: never 1065 telemetry_mirror: h#SSL_RESUMED_SESSION 1066 1067 key_exchange_algorithm_full: 1068 type: custom_distribution 1069 description: > 1070 SSL Handshake Key Exchange Algorithm for full handshake (null=0, rsa=1, 1071 dh=2, fortezza=3, ecdh=4) 1072 1073 This metric was generated to correspond to the Legacy Telemetry enumerated 1074 histogram SSL_KEY_EXCHANGE_ALGORITHM_FULL. 1075 range_min: 0 1076 range_max: 16 1077 bucket_count: 17 1078 histogram_type: linear 1079 bugs: 1080 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1081 data_reviews: 1082 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1083 notification_emails: 1084 - seceng-telemetry@mozilla.com 1085 expires: never 1086 telemetry_mirror: SSL_KEY_EXCHANGE_ALGORITHM_FULL 1087 1088 key_exchange_algorithm_resumed: 1089 type: custom_distribution 1090 description: > 1091 SSL Handshake Key Exchange Algorithm for resumed handshake (null=0, rsa=1, 1092 dh=2, fortezza=3, ecdh=4) 1093 1094 This metric was generated to correspond to the Legacy Telemetry enumerated 1095 histogram SSL_KEY_EXCHANGE_ALGORITHM_RESUMED. 1096 range_min: 0 1097 range_max: 16 1098 bucket_count: 17 1099 histogram_type: linear 1100 bugs: 1101 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1102 data_reviews: 1103 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1104 notification_emails: 1105 - seceng-telemetry@mozilla.com 1106 expires: never 1107 telemetry_mirror: SSL_KEY_EXCHANGE_ALGORITHM_RESUMED 1108 1109 tls13_intolerance_reason_pre: 1110 type: custom_distribution 1111 description: > 1112 Potential TLS 1.3 intolerance, before considering historical info (see 1113 tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp). 1114 1115 This metric was generated to correspond to the Legacy Telemetry enumerated 1116 histogram SSL_TLS13_INTOLERANCE_REASON_PRE. 1117 range_min: 0 1118 range_max: 64 1119 bucket_count: 65 1120 histogram_type: linear 1121 bugs: 1122 - https://bugzilla.mozilla.org/show_bug.cgi?id=1250568 1123 data_reviews: 1124 - https://bugzilla.mozilla.org/show_bug.cgi?id=1250568 1125 notification_emails: 1126 - seceng-telemetry@mozilla.com 1127 expires: never 1128 telemetry_mirror: SSL_TLS13_INTOLERANCE_REASON_PRE 1129 1130 tls13_intolerance_reason_post: 1131 type: custom_distribution 1132 description: > 1133 Potential TLS 1.3 intolerance, after considering historical info (see 1134 tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp). 1135 1136 This metric was generated to correspond to the Legacy Telemetry enumerated 1137 histogram SSL_TLS13_INTOLERANCE_REASON_POST. 1138 range_min: 0 1139 range_max: 64 1140 bucket_count: 65 1141 histogram_type: linear 1142 bugs: 1143 - https://bugzilla.mozilla.org/show_bug.cgi?id=1250568 1144 data_reviews: 1145 - https://bugzilla.mozilla.org/show_bug.cgi?id=1250568 1146 notification_emails: 1147 - seceng-telemetry@mozilla.com 1148 expires: never 1149 telemetry_mirror: SSL_TLS13_INTOLERANCE_REASON_POST 1150 1151 tls12_intolerance_reason_pre: 1152 type: custom_distribution 1153 description: > 1154 Potential TLS 1.2 intolerance, before considering historical info (see 1155 tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp). 1156 1157 This metric was generated to correspond to the Legacy Telemetry enumerated 1158 histogram SSL_TLS12_INTOLERANCE_REASON_PRE. 1159 range_min: 0 1160 range_max: 64 1161 bucket_count: 65 1162 histogram_type: linear 1163 bugs: 1164 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1165 data_reviews: 1166 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1167 notification_emails: 1168 - seceng-telemetry@mozilla.com 1169 expires: never 1170 telemetry_mirror: SSL_TLS12_INTOLERANCE_REASON_PRE 1171 1172 tls12_intolerance_reason_post: 1173 type: custom_distribution 1174 description: > 1175 Potential TLS 1.2 intolerance, after considering historical info (see 1176 tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp). 1177 1178 This metric was generated to correspond to the Legacy Telemetry enumerated 1179 histogram SSL_TLS12_INTOLERANCE_REASON_POST. 1180 range_min: 0 1181 range_max: 64 1182 bucket_count: 65 1183 histogram_type: linear 1184 bugs: 1185 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1186 data_reviews: 1187 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1188 notification_emails: 1189 - seceng-telemetry@mozilla.com 1190 expires: never 1191 telemetry_mirror: SSL_TLS12_INTOLERANCE_REASON_POST 1192 1193 tls11_intolerance_reason_pre: 1194 type: custom_distribution 1195 description: > 1196 Potential TLS 1.1 intolerance, before considering historical info (see 1197 tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp). 1198 1199 This metric was generated to correspond to the Legacy Telemetry enumerated 1200 histogram SSL_TLS11_INTOLERANCE_REASON_PRE. 1201 range_min: 0 1202 range_max: 64 1203 bucket_count: 65 1204 histogram_type: linear 1205 bugs: 1206 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1207 data_reviews: 1208 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1209 notification_emails: 1210 - seceng-telemetry@mozilla.com 1211 expires: never 1212 telemetry_mirror: SSL_TLS11_INTOLERANCE_REASON_PRE 1213 1214 tls11_intolerance_reason_post: 1215 type: custom_distribution 1216 description: > 1217 Potential TLS 1.1 intolerance, after considering historical info (see 1218 tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp). 1219 1220 This metric was generated to correspond to the Legacy Telemetry enumerated 1221 histogram SSL_TLS11_INTOLERANCE_REASON_POST. 1222 range_min: 0 1223 range_max: 64 1224 bucket_count: 65 1225 histogram_type: linear 1226 bugs: 1227 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1228 data_reviews: 1229 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1230 notification_emails: 1231 - seceng-telemetry@mozilla.com 1232 expires: never 1233 telemetry_mirror: SSL_TLS11_INTOLERANCE_REASON_POST 1234 1235 tls10_intolerance_reason_pre: 1236 type: custom_distribution 1237 description: > 1238 Potential TLS 1.0 intolerance, before considering historical info (see 1239 tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp). 1240 1241 This metric was generated to correspond to the Legacy Telemetry enumerated 1242 histogram SSL_TLS10_INTOLERANCE_REASON_PRE. 1243 range_min: 0 1244 range_max: 64 1245 bucket_count: 65 1246 histogram_type: linear 1247 bugs: 1248 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1249 data_reviews: 1250 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1251 notification_emails: 1252 - seceng-telemetry@mozilla.com 1253 expires: never 1254 telemetry_mirror: SSL_TLS10_INTOLERANCE_REASON_PRE 1255 1256 tls10_intolerance_reason_post: 1257 type: custom_distribution 1258 description: > 1259 Potential TLS 1.0 intolerance, after considering historical info (see 1260 tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp). 1261 1262 This metric was generated to correspond to the Legacy Telemetry enumerated 1263 histogram SSL_TLS10_INTOLERANCE_REASON_POST. 1264 range_min: 0 1265 range_max: 64 1266 bucket_count: 65 1267 histogram_type: linear 1268 bugs: 1269 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1270 data_reviews: 1271 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1272 notification_emails: 1273 - seceng-telemetry@mozilla.com 1274 expires: never 1275 telemetry_mirror: SSL_TLS10_INTOLERANCE_REASON_POST 1276 1277 version_fallback_inappropriate: 1278 type: custom_distribution 1279 description: > 1280 TLS/SSL version intolerance was falsely detected, server rejected 1281 handshake (see tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp). 1282 1283 This metric was generated to correspond to the Legacy Telemetry enumerated 1284 histogram SSL_VERSION_FALLBACK_INAPPROPRIATE. 1285 range_min: 0 1286 range_max: 64 1287 bucket_count: 65 1288 histogram_type: linear 1289 bugs: 1290 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1291 data_reviews: 1292 - https://bugzilla.mozilla.org/show_bug.cgi?id=1935420 1293 notification_emails: 1294 - seceng-telemetry@mozilla.com 1295 expires: never 1296 telemetry_mirror: SSL_VERSION_FALLBACK_INAPPROPRIATE 1297 1298 kea_rsa_key_size_full: 1299 type: custom_distribution 1300 description: > 1301 RSA KEA (TLS_RSA_*) key size in full handshake 1302 1303 This metric was generated to correspond to the Legacy Telemetry enumerated 1304 histogram SSL_KEA_RSA_KEY_SIZE_FULL. 1305 range_min: 0 1306 range_max: 24 1307 bucket_count: 25 1308 histogram_type: linear 1309 bugs: 1310 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1311 data_reviews: 1312 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1313 notification_emails: 1314 - seceng-telemetry@mozilla.com 1315 expires: never 1316 telemetry_mirror: SSL_KEA_RSA_KEY_SIZE_FULL 1317 1318 kea_dhe_key_size_full: 1319 type: custom_distribution 1320 description: > 1321 DHE KEA (TLS_DHE_*) key size in full handshake 1322 1323 This metric was generated to correspond to the Legacy Telemetry enumerated 1324 histogram SSL_KEA_DHE_KEY_SIZE_FULL. 1325 range_min: 0 1326 range_max: 24 1327 bucket_count: 25 1328 histogram_type: linear 1329 bugs: 1330 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1331 data_reviews: 1332 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1333 notification_emails: 1334 - seceng-telemetry@mozilla.com 1335 expires: never 1336 telemetry_mirror: SSL_KEA_DHE_KEY_SIZE_FULL 1337 1338 kea_ecdhe_curve_full: 1339 type: custom_distribution 1340 description: > 1341 ECDHE KEA (TLS_ECDHE_*) curve (23=P-256, 24=P-384, 25=P-521, 1342 29=Curve25519) in full handshake 1343 1344 This metric was generated to correspond to the Legacy Telemetry enumerated 1345 histogram SSL_KEA_ECDHE_CURVE_FULL. 1346 range_min: 0 1347 range_max: 36 1348 bucket_count: 37 1349 histogram_type: linear 1350 bugs: 1351 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1352 data_reviews: 1353 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1354 notification_emails: 1355 - seceng-telemetry@mozilla.com 1356 expires: never 1357 telemetry_mirror: SSL_KEA_ECDHE_CURVE_FULL 1358 1359 auth_algorithm_full: 1360 type: custom_distribution 1361 description: > 1362 SSL Authentication Algorithm (null=0, rsa(KEA)=1, ecdsa=4, rsa(sign)=7) in 1363 full handshake 1364 1365 This metric was generated to correspond to the Legacy Telemetry enumerated 1366 histogram SSL_AUTH_ALGORITHM_FULL. 1367 range_min: 0 1368 range_max: 16 1369 bucket_count: 17 1370 histogram_type: linear 1371 bugs: 1372 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1373 data_reviews: 1374 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1375 notification_emails: 1376 - seceng-telemetry@mozilla.com 1377 expires: never 1378 telemetry_mirror: SSL_AUTH_ALGORITHM_FULL 1379 1380 auth_rsa_key_size_full: 1381 type: custom_distribution 1382 description: > 1383 RSA signature key size for TLS_*_RSA_* in full handshake 1384 1385 This metric was generated to correspond to the Legacy Telemetry enumerated 1386 histogram SSL_AUTH_RSA_KEY_SIZE_FULL. 1387 range_min: 0 1388 range_max: 24 1389 bucket_count: 25 1390 histogram_type: linear 1391 bugs: 1392 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1393 data_reviews: 1394 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1395 notification_emails: 1396 - seceng-telemetry@mozilla.com 1397 expires: never 1398 telemetry_mirror: SSL_AUTH_RSA_KEY_SIZE_FULL 1399 1400 auth_ecdsa_curve_full: 1401 type: custom_distribution 1402 description: > 1403 ECDSA signature curve for TLS_*_ECDSA_* in full handshake (23=P-256, 1404 24=P-384, 25=P-521) 1405 1406 This metric was generated to correspond to the Legacy Telemetry enumerated 1407 histogram SSL_AUTH_ECDSA_CURVE_FULL. 1408 range_min: 0 1409 range_max: 36 1410 bucket_count: 37 1411 histogram_type: linear 1412 bugs: 1413 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1414 data_reviews: 1415 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1416 notification_emails: 1417 - seceng-telemetry@mozilla.com 1418 expires: never 1419 telemetry_mirror: SSL_AUTH_ECDSA_CURVE_FULL 1420 1421 reasons_for_not_false_starting: 1422 type: custom_distribution 1423 description: > 1424 Bitmask of reasons we did not false start when libssl would have let us 1425 (see key in nsNSSCallbacks.cpp) 1426 1427 This metric was generated to correspond to the Legacy Telemetry enumerated 1428 histogram SSL_REASONS_FOR_NOT_FALSE_STARTING. 1429 range_min: 0 1430 range_max: 512 1431 bucket_count: 513 1432 histogram_type: linear 1433 bugs: 1434 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1435 data_reviews: 1436 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1437 notification_emails: 1438 - seceng-telemetry@mozilla.com 1439 expires: never 1440 telemetry_mirror: SSL_REASONS_FOR_NOT_FALSE_STARTING 1441 1442 ocsp_stapling: 1443 type: custom_distribution 1444 description: > 1445 Status of OCSP stapling on this handshake (1=present, good; 2=none; 1446 3=present, expired; 4=present, other error) 1447 1448 This metric was generated to correspond to the Legacy Telemetry enumerated 1449 histogram SSL_OCSP_STAPLING. 1450 range_min: 0 1451 range_max: 8 1452 bucket_count: 9 1453 histogram_type: linear 1454 bugs: 1455 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1456 data_reviews: 1457 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1458 notification_emails: 1459 - seceng-telemetry@mozilla.com 1460 expires: never 1461 telemetry_mirror: SSL_OCSP_STAPLING 1462 1463 cert_error_overrides: 1464 type: custom_distribution 1465 description: > 1466 Was a certificate error overridden on this handshake? What was it? 1467 (0=unknown error (indicating bug), 1=no, >1=a specific error) 1468 1469 This metric was generated to correspond to the Legacy Telemetry enumerated 1470 histogram SSL_CERT_ERROR_OVERRIDES. 1471 range_min: 0 1472 range_max: 24 1473 bucket_count: 25 1474 histogram_type: linear 1475 bugs: 1476 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1477 data_reviews: 1478 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1479 notification_emails: 1480 - seceng-telemetry@mozilla.com 1481 expires: never 1482 telemetry_mirror: SSL_CERT_ERROR_OVERRIDES 1483 1484 cert_verification_errors: 1485 type: custom_distribution 1486 description: > 1487 If certificate verification failed in a TLS handshake, what was the error? 1488 (see MapCertErrorToProbeValue in 1489 security/manager/ssl/SSLServerCertVerification.cpp and the values in 1490 security/pkix/include/pkix/Result.h) 1491 1492 This metric was generated to correspond to the Legacy Telemetry enumerated 1493 histogram SSL_CERT_VERIFICATION_ERRORS. 1494 range_min: 0 1495 range_max: 100 1496 bucket_count: 101 1497 histogram_type: linear 1498 bugs: 1499 - https://bugzilla.mozilla.org/show_bug.cgi?id=1503572 1500 data_reviews: 1501 - https://bugzilla.mozilla.org/show_bug.cgi?id=1503572 1502 notification_emails: 1503 - jhofmann@mozilla.com 1504 - rtestard@mozilla.com 1505 - seceng@mozilla.org 1506 expires: never 1507 telemetry_mirror: SSL_CERT_VERIFICATION_ERRORS 1508 1509 ct_policy_non_compliant_connections_by_ca_2: 1510 type: custom_distribution 1511 description: > 1512 Number of successfully established TLS connections NOT compliant with the 1513 Certificate Transparency Policy, by CA. See KnownRootHashes.txt for names 1514 of CAs. 1515 range_min: 0 1516 range_max: 256 1517 bucket_count: 257 1518 histogram_type: linear 1519 bugs: 1520 - https://bugzilla.mozilla.org/show_bug.cgi?id=1320567 1521 - https://bugzilla.mozilla.org/show_bug.cgi?id=1909978 1522 - https://bugzilla.mozilla.org/show_bug.cgi?id=1972339 1523 data_reviews: 1524 - https://bugzilla.mozilla.org/show_bug.cgi?id=1320567 1525 - https://bugzilla.mozilla.org/show_bug.cgi?id=1909978 1526 - https://bugzilla.mozilla.org/show_bug.cgi?id=1972339 1527 notification_emails: 1528 - seceng-telemetry@mozilla.com 1529 - dkeeler@mozilla.com 1530 expires: never 1531 1532 permanent_cert_error_overrides: 1533 type: custom_distribution 1534 description: > 1535 How many permanent certificate overrides a user has stored. 1536 1537 This metric was generated to correspond to the Legacy Telemetry 1538 exponential histogram SSL_PERMANENT_CERT_ERROR_OVERRIDES. 1539 range_min: 1 1540 range_max: 1024 1541 bucket_count: 10 1542 histogram_type: exponential 1543 bugs: 1544 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1545 data_reviews: 1546 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062 1547 notification_emails: 1548 - seceng-telemetry@mozilla.com 1549 expires: never 1550 telemetry_mirror: SSL_PERMANENT_CERT_ERROR_OVERRIDES 1551 1552 scts_origin: 1553 type: custom_distribution 1554 description: > 1555 Origin of Signed Certificate Timestamps received (1=Embedded, 2=TLS 1556 handshake extension, 3=Stapled OCSP response) 1557 1558 This metric was generated to correspond to the Legacy Telemetry enumerated 1559 histogram SSL_SCTS_ORIGIN. 1560 range_min: 0 1561 range_max: 10 1562 bucket_count: 11 1563 histogram_type: linear 1564 bugs: 1565 - https://bugzilla.mozilla.org/show_bug.cgi?id=1293231 1566 data_reviews: 1567 - https://bugzilla.mozilla.org/show_bug.cgi?id=1293231 1568 notification_emails: 1569 - seceng-telemetry@mozilla.com 1570 expires: never 1571 telemetry_mirror: SSL_SCTS_ORIGIN 1572 1573 scts_per_connection: 1574 type: custom_distribution 1575 description: > 1576 Histogram of Signed Certificate Timestamps per SSL connection, from all 1577 sources (embedded / OCSP Stapling / TLS handshake). Bucket 0 counts the 1578 cases when no SCTs were received, or none were extracted due to parsing 1579 errors. 1580 1581 This metric was generated to correspond to the Legacy Telemetry enumerated 1582 histogram SSL_SCTS_PER_CONNECTION. 1583 range_min: 0 1584 range_max: 10 1585 bucket_count: 11 1586 histogram_type: linear 1587 bugs: 1588 - https://bugzilla.mozilla.org/show_bug.cgi?id=1293231 1589 data_reviews: 1590 - https://bugzilla.mozilla.org/show_bug.cgi?id=1293231 1591 notification_emails: 1592 - seceng-telemetry@mozilla.com 1593 expires: never 1594 telemetry_mirror: SSL_SCTS_PER_CONNECTION 1595 1596 scts_verification_status: 1597 type: custom_distribution 1598 description: > 1599 Verification status of Signed Certificate Timestamps received (0=Decoding 1600 error, 1=Valid SCT, 2=SCT from unknown log, 3=Invalid SCT signature, 4=SCT 1601 timestamp is in the future, 5=Valid SCT from a disqualified log 6=SCT 1602 timestamp is after the root's distrustAfter time). 1603 range_min: 0 1604 range_max: 10 1605 bucket_count: 11 1606 histogram_type: linear 1607 bugs: 1608 - https://bugzilla.mozilla.org/show_bug.cgi?id=1293231 1609 - https://bugzilla.mozilla.org/show_bug.cgi?id=1953221 1610 data_reviews: 1611 - https://bugzilla.mozilla.org/show_bug.cgi?id=1293231 1612 notification_emails: 1613 - seceng-telemetry@mozilla.com 1614 expires: never 1615 1616 scts_from_tiled_logs_per_connection: 1617 type: custom_distribution 1618 description: > 1619 Histogram of the number of Signed Certificate Timestamps from tiled logs 1620 per TLS connection from all sources (embedded / OCSP Stapling / TLS 1621 handshake). Bucket 0 counts the cases when no SCTs from tiled logs were 1622 received, or none were extracted due to parsing errors. 1623 range_min: 0 1624 range_max: 10 1625 bucket_count: 11 1626 histogram_type: linear 1627 data_sensitivity: 1628 - technical 1629 bugs: 1630 - https://bugzilla.mozilla.org/show_bug.cgi?id=1985598 1631 data_reviews: 1632 - https://bugzilla.mozilla.org/show_bug.cgi?id=1985598 1633 notification_emails: 1634 - seceng-telemetry@mozilla.com 1635 - jschanck@mozilla.com 1636 expires: never 1637 1638 oskeystore: 1639 return_codes: 1640 type: event 1641 description: > 1642 Collects return codes from the different implementations of the key store 1643 API. These are sometimes poorly documented and collection is the only way 1644 to discover them. 1645 bugs: 1646 - https://bugzilla.mozilla.org/show_bug.cgi?id=1958791 1647 data_reviews: 1648 - https://bugzilla.mozilla.org/show_bug.cgi?id=1958791 1649 notification_emails: 1650 - simon@mozilla.com 1651 expires: 150 1652 extra_keys: 1653 function: 1654 description: > 1655 Which function returned the value. 1656 type: string 1657 result: 1658 description: > 1659 The error code, converted to a string. 1660 type: string