Hi! I am an usable security researcher. In our group we are currently having a look at TLS configurations. I often encounter e.g., domain mismatches for the certificates. Firefox gives the "send site to mozilla" option on those sites. Regarding this I have a few questions.
Who gets the data? Are there statistics on that? (Maybe currently not on a website, but maybe there is data ready to be analyzed.) I found somthing on the telemetry site. That could be part of the answer to this. value 42 -> Domain mismatch: ERROR_BAD_CERT_DOMAIN https://telemetry.mozilla.org/new-pipeline/dist.html#!cumulative=0&end_date=2019-11-11&include_spill=0&keys=__none__!__none__!__none__&max_channel_version=beta%252F71&measure=SSL_CERT_VERIFICATION_ERRORS&min_channel_version=beta%252F64&processType=*&product=Firefox&sanitize=1&sort_by_value=0&sort_keys=submissions&start_date=2019-10-23&table=0&trim=1&use_submission_date=1 That would mean ~18M error 42 in less than a month [0]. Do I interpret this correctly? What is this compared to the amount of websites visited? I would be very interested in additional data like - how many different domains - are the domain owners informed? (making part of this data public could be a not so good idea) It says it is to fight against bad actors but do good actors (with a failty configuration) also get notified? And why does it state that I can contact the admin of the server but does not give me an address for that? Also: How exactly is MOZILLA_PKIX_ERROR_MITM_DETECTED defined? I hope some of these answers can be answered and I'm grateful for input! Part of our current goal is to understand how misconfigurations (not attacks) happen and what we can do about this. /Maxi 0: Beta 71, Released 21.10.2019 (https://www.mozilla.org/en-US/firefox/71.0beta/releasenotes/) -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
