New issue
Advanced search Search tips

Issue 596624 link

Starred by 2 users
Status: Fixed
Owner:
est...@chromium.org
Closed: Jul 2016
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Feature



Sign in to add a comment

Record an UMA metrics on failure to send certificate reports

Project Member Reported by est...@chromium.org, Mar 21 2016 
When Chrome tried to send a certificate report but fails, we should record an UMA metric. (For HPKP reports, SBER invalid certificate reports, and Expect CT reports.) This will help us do two things:
- notice when the number of report-sending failures goes up (in case of infrastructure problems)
- help estimate the value of some kind of retry mechanism to try to re-send reports when they fail the first time

Comment 1 by rch@chromium.org, Mar 25 2016 

Drive-by comment. You might consider setting up a Chirp alert for this which would automatically alert if this metric changed.

Comment 2 by est...@chromium.org, Mar 25 2016 

rch: yes, we'll definitely do that, thanks.
Project Member

Comment 3 by bugdroid1@chromium.org, Mar 31 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b2288ecde37cbe28ac295607f8686906f1c618e8

commit b2288ecde37cbe28ac295607f8686906f1c618e8
Author: estark <estark@chromium.org>
Date: Thu Mar 31 21:45:01 2016

Add error callback to net::CertificateReportSender

We want to start recording UMA metrics (and perhaps eventually taking
other actions such as retrying) when various types of certificate
reports fail to send. This CL adds an error callback to the
net::CertificateReportSender class to allow us to do this.

It also fixes a small bug where apparently we were printing a log
message about reports failing to send even when they succeeded.

BUG= 596624 

Review URL: https://codereview.chromium.org/1847563004

Cr-Commit-Position: refs/heads/master@{#384402}

[modify] https://crrev.com/b2288ecde37cbe28ac295607f8686906f1c618e8/net/url_request/certificate_report_sender.cc
[modify] https://crrev.com/b2288ecde37cbe28ac295607f8686906f1c618e8/net/url_request/certificate_report_sender.h
[modify] https://crrev.com/b2288ecde37cbe28ac295607f8686906f1c618e8/net/url_request/certificate_report_sender_unittest.cc
Project Member

Comment 4 by bugdroid1@chromium.org, Apr 5 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f2979127c4951011a74f00fab8fdff94d87952de

commit f2979127c4951011a74f00fab8fdff94d87952de
Author: estark <estark@chromium.org>
Date: Tue Apr 05 17:04:39 2016

Use CertificateReportSender error callback to record HPKP UMA metrics

This CL does two things:
1. Use the CertificateReportSender error callback to record UMA metrics
when we fail to send an HPKP report.
2. The error callback argument of a URLRequest* wasn't set up quite
right to do this; TransportSecurityState provides the callback, but
TransportSecurityState is in net/http and shouldn't depend on
URLRequest. So instead I changed the callback arguments to be the report
URI and the net error from sending the report.

BUG= 596624 

Review URL: https://codereview.chromium.org/1850853004

Cr-Commit-Position: refs/heads/master@{#385198}

[modify] https://crrev.com/f2979127c4951011a74f00fab8fdff94d87952de/net/http/transport_security_state.cc
[modify] https://crrev.com/f2979127c4951011a74f00fab8fdff94d87952de/net/http/transport_security_state.h
[modify] https://crrev.com/f2979127c4951011a74f00fab8fdff94d87952de/net/http/transport_security_state_unittest.cc
[modify] https://crrev.com/f2979127c4951011a74f00fab8fdff94d87952de/net/url_request/certificate_report_sender.cc
[modify] https://crrev.com/f2979127c4951011a74f00fab8fdff94d87952de/net/url_request/certificate_report_sender.h
[modify] https://crrev.com/f2979127c4951011a74f00fab8fdff94d87952de/net/url_request/certificate_report_sender_unittest.cc
[modify] https://crrev.com/f2979127c4951011a74f00fab8fdff94d87952de/net/url_request/url_request_unittest.cc
[modify] https://crrev.com/f2979127c4951011a74f00fab8fdff94d87952de/tools/metrics/histograms/histograms.xml

Comment 5 by est...@chromium.org, Apr 5 2016

Status: Started (was: Assigned)

Comment 7 by f...@chromium.org, Jun 30 2016

Labels: -Type-Bug Type-Feature

Comment 8 by f...@chromium.org, Jun 30 2016 

It looks like two CLs have landed, can we close this bug now?

Comment 9 by est...@chromium.org, Jun 30 2016 

Not quite, we still need UMA for Safe Browsing certificate report failures. (Basically, passing an ErrorCallback here: https://cs.chromium.org/chromium/src/components/certificate_reporting/error_reporter.cc?sq=package:chromium&dr=CSs&rcl=1467300303&l=112)
Project Member

Comment 10 by bugdroid1@chromium.org, Jul 20 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1

commit a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1
Author: estark <estark@chromium.org>
Date: Wed Jul 20 17:43:28 2016

Fix up certificate error reporting histograms

This CL adds a failure histogram for certificate error reporting,
similar to the histograms we have for Expect CT and HPKP reports.

It also negates the net error codes for Expect CT and HPKP histograms,
to match up with the histogram enums. (See  bug 616599 .)

BUG= 616599 , 596624 

Review-Url: https://codereview.chromium.org/2120683002
Cr-Commit-Position: refs/heads/master@{#406604}

[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/chrome/browser/ssl/chrome_expect_ct_reporter.cc
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/chrome/browser/ssl/chrome_expect_ct_reporter_unittest.cc
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/components/BUILD.gn
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/components/certificate_reporting/BUILD.gn
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/components/certificate_reporting/DEPS
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/components/certificate_reporting/error_reporter.cc
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/components/certificate_reporting/error_reporter_unittest.cc
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/components/components_tests.gyp
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/ios/chrome/browser/BUILD.gn
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/ios/chrome/browser/DEPS
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/ios/chrome/browser/ssl/ios_ssl_blocking_page.h
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/ios/chrome/ios_chrome.gyp
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/net/http/transport_security_state.cc
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/net/http/transport_security_state_unittest.cc
[modify] https://crrev.com/a79bbb7b735bfbc7b84518bdd6f166a2fb39f7c1/tools/metrics/histograms/histograms.xml

Comment 11 by est...@chromium.org, Jul 20 2016

Status: Fixed (was: Started)

Comment 12 by lafo...@chromium.org, Dec 9 2016

Components: -Security>UX
Labels: Team-Security-UX
Security>UX component is deprecated in favor of the Team-Security-UX label

Sign in to add a comment