1 # This Source Code Form is subject to the terms of the Mozilla Public
2 # License, v. 2.0. If a copy of the MPL was not distributed with this
3 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
4 # Adding a new metric? We have docs for that!
5 # https://firefox-source-docs.mozilla.org/toolkit/components/glean/user/new_definitions_file.html
8 $schema: moz://mozilla.org/schemas/glean/metrics/2-0-0
10 - 'Core :: Security: PSM'
14 type: memory_distribution
17 Heap memory used by cert_storage.
19 - https://bugzilla.mozilla.org/show_bug.cgi?id=1910500
21 - https://bugzilla.mozilla.org/show_bug.cgi?id=1910500
25 - jschanck@mozilla.com
32 The number of entries stored in the AlternateServices nsIDataStorage
34 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080
36 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080
43 client_auth_remember_list:
46 The number of entries stored in the ClientAuthRememberList nsIDataStorage
48 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080
50 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080
57 site_security_service_state:
60 The number of entries stored in the SiteSecurityServiceState nsIDataStorage
62 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080
64 - https://bugzilla.mozilla.org/show_bug.cgi?id=1873080
73 certificate_verifications:
76 The total number of successful TLS server certificate verifications.
78 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
80 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
84 xyber_intolerance_reason:
87 The error that was returned from a failed TLS 1.3 handshake in which the client sent a mlkem768x25519 key share (see tlsIntoleranceTelemetryBucket() in nsNSSIOLayer.cpp).
91 - https://bugzilla.mozilla.org/1874963
93 - https://bugzilla.mozilla.org/1874963
95 - jschanck@mozilla.com
98 - PR_CONNECT_RESET_ERROR
99 - PR_END_OF_FILE_ERROR
100 - SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE
101 - SSL_ERROR_BAD_MAC_ALERT
102 - SSL_ERROR_BAD_MAC_READ
103 - SSL_ERROR_DECODE_ERROR_ALERT
104 - SSL_ERROR_HANDSHAKE_FAILED
105 - SSL_ERROR_HANDSHAKE_FAILURE_ALERT
106 - SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT
107 - SSL_ERROR_ILLEGAL_PARAMETER_ALERT
108 - SSL_ERROR_INTERNAL_ERROR_ALERT
109 - SSL_ERROR_KEY_EXCHANGE_FAILURE
110 - SSL_ERROR_NO_CYPHER_OVERLAP
111 - SSL_ERROR_PROTOCOL_VERSION_ALERT
112 - SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE
113 - SSL_ERROR_RX_MALFORMED_HYBRID_KEY_SHARE
114 - SSL_ERROR_UNSUPPORTED_VERSION
118 type: labeled_counter
120 The number of times each certificate compression algorithm returned an error.
124 - https://bugzilla.mozilla.org/show_bug.cgi?id=1881027
125 - https://bugzilla.mozilla.org/show_bug.cgi?id=1933864
127 - https://bugzilla.mozilla.org/1881027
129 - anna.weine@mozilla.com
136 verification_used_cert_from:
140 How many successfully-built certificate chains used a certificate from the TLS handshake.
142 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
144 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
146 - dkeeler@mozilla.com
148 denominator_metric: tls.certificate_verifications
149 preloaded_intermediates:
152 How many successfully-built certificate chains used a certificate from preloaded intermediates.
154 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
156 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
158 - dkeeler@mozilla.com
160 denominator_metric: tls.certificate_verifications
161 third_party_certificates:
164 How many successfully-built certificate chains used a third-party certificate from the OS.
166 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
168 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
170 - dkeeler@mozilla.com
172 denominator_metric: tls.certificate_verifications
176 How many successfully-built certificate chains used a certificate from the NSS cert DB.
178 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
180 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
182 - dkeeler@mozilla.com
184 denominator_metric: tls.certificate_verifications
185 built_in_roots_module:
188 How many successfully-built certificate chains used a certificate from the built-in roots module.
190 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
192 - https://bugzilla.mozilla.org/show_bug.cgi?id=1876435
194 - dkeeler@mozilla.com
196 denominator_metric: tls.certificate_verifications
199 third_party_modules_loaded:
202 The number of third-party PKCS#11 modules loaded.
204 - https://bugzilla.mozilla.org/show_bug.cgi?id=1905453
206 - https://bugzilla.mozilla.org/show_bug.cgi?id=1905453
210 - dkeeler@mozilla.com
214 cert_verification_time:
216 type: timing_distribution
217 time_unit: microsecond
219 The time it takes to successfully verify a certificate in a TLS handshake.
221 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062
222 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794
224 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062
225 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794
229 - seceng-telemetry@mozilla.com
230 - dkeeler@mozilla.com
234 type: timing_distribution
235 time_unit: microsecond
237 The time it takes to fail to verify a certificate in a TLS handshake.
239 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062
240 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794
242 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062
243 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794
247 - seceng-telemetry@mozilla.com
248 - dkeeler@mozilla.com
253 type: timing_distribution
254 time_unit: millisecond
256 The time it takes to make an OCSP request that succeeded.
258 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062
259 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794
261 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062
262 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794
266 - seceng-telemetry@mozilla.com
267 - dkeeler@mozilla.com
271 type: timing_distribution
272 time_unit: millisecond
274 The time it takes to make an OCSP request that failed.
276 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062
277 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794
279 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062
280 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794
284 - seceng-telemetry@mozilla.com
285 - dkeeler@mozilla.com
289 type: timing_distribution
290 time_unit: millisecond
292 The time it takes to make an OCSP request that was cancelled.
294 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062
295 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794
297 - https://bugzilla.mozilla.org/show_bug.cgi?id=1862062
298 - https://bugzilla.mozilla.org/show_bug.cgi?id=1913794
302 - seceng-telemetry@mozilla.com
303 - dkeeler@mozilla.com
310 The time in milliseconds to initialize the NSS component in the
312 This metric was generated to correspond to the Legacy Telemetry
313 scalar networking.nss_initialization.
315 - https://bugzil.la/1628734
317 - https://bugzil.la/1628734
319 - mconley@mozilla.com
320 - dkeeler@mozilla.com
323 telemetry_mirror: NETWORKING_NSS_INITIALIZATION
328 The time in milliseconds to load any external certificates. This
329 occurs off of the main-thread, but can block main-thread operations.
330 This metric was generated to correspond to the Legacy Telemetry
331 scalar networking.loading_certs_task.
333 - https://bugzil.la/1628734
335 - https://bugzil.la/1628734
337 - mconley@mozilla.com
338 - dkeeler@mozilla.com
341 telemetry_mirror: NETWORKING_LOADING_CERTS_TASK
344 client_auth_cert_usage:
345 type: labeled_counter
347 Measures how many servers have requested a client authentication
348 certificate (key: "requested") and how many times the user has opted
349 to send one in response (key: "sent").
350 This metric was generated to correspond to the Legacy Telemetry
351 scalar security.client_auth_cert_usage.
353 - https://bugzil.la/1749884
355 - https://bugzil.la/1749884
357 - dkeeler@mozilla.com
359 telemetry_mirror: SECURITY_CLIENT_AUTH_CERT_USAGE