*Primary eng emails* [email protected], [email protected]
*Summary* Creating a dedicated secure browser API for mdoc selection to replace mdoc-scheme URLs on Chrome and Android. *Motivation* Last month, we sent <https://groups.google.com/a/chromium.org/g/blink-dev/c/O9A9fq-0IdI/m/sqdVA17iBQAJ> an intent to prototype for a more secure browser API for mdoc <https://www.iso.org/obp/ui/fr/#iso:std:69084:en> selection, which we believe will more safely enable mobile driver’s licenses on the web across multiple wallets. In addition to allowing sites to request real-world identity information for opening a bank account, for example, this dedicated API will also provide users with more transparency and control into what personal information is then shared with the website requesting it. As prototyping of the new API begins, we are considering blocking the URI schemes mdoc and mdoc-openid4vp from being forwarded directly to the OS (e.g. as Intents on Android). These schemes have been proposed as a way to use Chromium's support for websites opening complementary apps, to instead open and communicate directly with arbitrary wallet apps. We believe this mechanism is more prone to security risks for consumers, such as phishing attacks, by not providing enough information to the browser to be able to explain the request to the user, and that it prevents the operating system from mediating such requests. For similar reasons, Android is exploring a complementary, API-based solution, instead of supporting the URL schemes mentioned above. Like all Chromium projects, the new API will be developed in the open and we’ll be engaging with the developers, regulators, and industry groups for feedback. We are collecting feedback and metrics on this deprecation plan and will follow up with a bug and feature dashboard entry when pertinent. -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL9PXLycoChNiZAMB33jVCe%3DUvdrFAYkQ%3DiKH%2BXqPK-bgS2VEA%40mail.gmail.com.
