diff options
| author | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-08-05 19:12:54 +0000 |
|---|---|---|
| committer | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-08-05 19:12:54 +0000 |
| commit | 614f29d47d90b2290b87296e10db66873b58b882 (patch) | |
| tree | cb054cf51ee9efa44aa5dba83e765d0215232c02 /tools | |
| parent | 683e11181382a2b78bd057c3e3f3edd385431367 (diff) | |
| download | chromium_src-614f29d47d90b2290b87296e10db66873b58b882.zip chromium_src-614f29d47d90b2290b87296e10db66873b58b882.tar.gz chromium_src-614f29d47d90b2290b87296e10db66873b58b882.tar.bz2 | |
Reland r215489 - Add histograms for certificate's & CA's compliance to the Baseline Requirements
Track the (Leaf, Intermediate Root) certificate (algorithm) x (size),
based on whether or not the certificate was issued before or after the
BR compliance date of 2012-12-31.
This is in advance of considering changes to security indicators.
BUG=102949
TBR=jar@chromium.org,wtc@chromium.org
Review URL: https://chromiumcodereview.appspot.com/22203003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@215654 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/metrics/histograms/histograms.xml | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/tools/metrics/histograms/histograms.xml b/tools/metrics/histograms/histograms.xml index d7d32e6..71021e3 100644 --- a/tools/metrics/histograms/histograms.xml +++ b/tools/metrics/histograms/histograms.xml @@ -1133,6 +1133,14 @@ other types of suffix sets. </summary> </histogram> +<histogram name="CertificateType"> + <summary> + Information about the certificate algorithms and sizes in use on the web, to + examine compliance with the CA/Browser Forum requirements and security best + practice. + </summary> +</histogram> + <histogram name="Chrome.SearchSelectExempt" enum="SearchEngine"> <obsolete> Deprecated 8/2013. No longer tracked. @@ -22422,6 +22430,41 @@ other types of suffix sets. <affected-histogram name="PLT.CommitToFirstPaint"/> </fieldtrial> +<fieldtrial name="CertificateTypeAlgorithms" separator="."> + <group name="DH" label="DH"/> + <group name="DSA" label="DSA"/> + <group name="ECDH" label="ECDH"/> + <group name="ECDSA" label="ECDSA"/> + <group name="RSA" label="RSA"/> + <group name="Unknown" label="SPKI unrecognized by cert library"/> + <group name="Unsupported" label="Un-histogrammed type - please fix"/> + <affected-histogram name="CertificateType.BR.Intermediate"/> + <affected-histogram name="CertificateType.BR.Leaf"/> + <affected-histogram name="CertificateType.BR.Root"/> + <affected-histogram name="CertificateType.NonBR.Intermediate"/> + <affected-histogram name="CertificateType.NonBR.Leaf"/> + <affected-histogram name="CertificateType.NonBR.Root"/> +</fieldtrial> + +<fieldtrial name="CertificateTypeBRValidity" separator="."> + <group name="BR" + label="The *leaf* certificate of the chain expires after 2013-12-31, + meaning that it should be in scope for the Baseline + Requirement's key size requirements"/> + <group name="NonBR" + label="The *leaf* certificate of the chain expires on or before + 2013-12-31"/> + <affected-histogram name="CertificateType"/> +</fieldtrial> + +<fieldtrial name="CertificateTypeChainPosition" separator="."> + <group name="Intermediate" label="Intermediate's SPKI"/> + <group name="Leaf" label="Leaf's SPKI"/> + <group name="Root" label="Root's SPKI"/> + <affected-histogram name="CertificateType.BR"/> + <affected-histogram name="CertificateType.NonBR"/> +</fieldtrial> + <fieldtrial name="ConnCountImpact"> <group name="conn_count_16" label="with 16 persistent connections per host"/> <group name="conn_count_4" label="with 4 persistent connections per host"/> |