Hi all, Hi Yoav, Thanks for the feedback. I'd like to modify the intent timeline as follows:
M99: Start showing a deprecation warning. M99-105: Watch use counters + outreach to top-N users. M105: Deprecate the feature by default. Enabling/disabling will be via Finch, so we have an emergency shut-off. An enterprise policy is already in place. On Wed, Jan 12, 2022 at 6:45 PM Yoav Weiss <yoavwe...@chromium.org> wrote: > Hey Daniel! > > While searching for this intent review, I stumbled upon > https://developer.chrome.com/blog/immutable-document-domain/ > That's a useful piece of documentation! Thanks +Eiji Kitamura!! > > This intent was just discussed at the API owner meeting (where Chris, > Rego, Daniel, Philip, Alex, MikeT and myself were present). > This change seems risky in terms of potential breakage when looking at our > stats, and that's even before talking about enterprises, where a lot of the > API owners feel the risk is even higher. > > Given that, here's a few potential next steps to try and reduce that risk: > > - UKM and outreach to specific large users of the API can maybe help > drive the usage down. > > Will do. With Lutz' help I just checked the UKM we have on this, and it seems the usage is quite heavily concentrated on large sites. The top-quartile of remaining public usage is just 9 sites; top-half is ~35. We'll try to reach out to them. > > - A deprecation period of 3 milestones feels a bit short here. Is the > expectation that turning on the opt-out header can be done under that > period? > > As above, we'll happily go up on this. My reasoning why 3 milestones would be reasonable was that there is a "safe" opt-out. That is, if one wishes to preserve old behaviour, or isn't sure, or just wants to postpone the issue, one can just add 'Origin-Agent-Cluster: ?0" and deal with it later. This is quite different from e.g. CSP, where adding new CSP headers might require a lot of work and testing. > > - A report-only mode could have allowed sites to try and enable this, > without risking actual breakage for their documents/properties that use > document.domain. This is doubly true for platforms that want to warn their > customers about this upcoming deprecation, but without taking risks on > their behalf. At the same time, it is true that they could collect > deprecation reports (thanks for adding those!) instead during the > deprecation period, which can be considered an on-by-default report-only > mode. Can y'all add specific guidance on deprecation reports to the > documentation? > > We see the deprecation warning - without any behavioural changes - as effectively being the report-only mode. We'll be more clear in the documentation. > > - It'd be helpful to reach out to enterprise folks and see what their > responses may be for this. +Greg Whitworth. > - This probably requires an Enterprise Policy, to reduce the risk for > managed installs. +bheenan@ for opinions on that front. > > I agree, and an enterprise policy is already in place. > > - Is there a plan to eventually remove the opt-out option? Or is it > the plan to have it in place permanently? > > There is no plan. The current logic is relatively easy to maintain, so we have not made any plan to remove the opt-out. -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALG6KPNs24tap5M0OpdPX%3DLYaXDZmq%2BoB8pEALaTX6g1G1h5Sg%40mail.gmail.com.