Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security: add telemetry for OCSP certificate revocation #53473

Closed
thtruo opened this issue Aug 26, 2020 · 4 comments · Fixed by #53685
Closed

security: add telemetry for OCSP certificate revocation #53473

thtruo opened this issue Aug 26, 2020 · 4 comments · Fixed by #53685
Assignees
@knz
Labels
A-security A-telemetry C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)

Comments

@thtruo
Copy link
Contributor

thtruo commented Aug 26, 2020

We currently have no tracking when OCSP certificate revocation is used. This is a placeholder GH issue. @bdarnell @knz could one of you add more details to this issue?
@thtruo thtruo added C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) A-telemetry A-security labels Aug 26, 2020
@knz
Copy link
Contributor

knz commented Aug 26, 2020

There are two kinds of telemetry we'll likely want:

  • when the cluster settings are changed (pkg/sql/set_cluster_Setting.go)
  • when a cert revocation request is actually issued (counter increment)

@knz knz mentioned this issue Aug 28, 2020
Closed
@knz knz self-assigned this Aug 28, 2020
@knz
Copy link
Contributor

knz commented Aug 28, 2020

wokring on it #53607

@knz
Copy link
Contributor

knz commented Aug 31, 2020

Actually no need for #53607 to get OCSP telemetry.
Turns out as @dt explained to me we already have telemetry for cluster setting changes. So no need to add it.

@knz knz closed this as completed Aug 31, 2020
@knz knz reopened this Aug 31, 2020
@knz
Copy link
Contributor

knz commented Aug 31, 2020

scratch that we also want to count uses

@knz knz mentioned this issue Aug 31, 2020
Merged
@craig craig bot closed this as completed in f2056ba Sep 1, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@knz knz

Labels
A-security A-telemetry C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
Projects
None yet
Milestone
No milestone
2 participants
@knz @thtruo