On Tue, Jun 20, 2023 at 4:51 PM Alex Turner <ale...@chromium.org> wrote:
> Contact emailsale...@chromium.org > > Explainer > https://github.com/patcg-individual-drafts/private-aggregation-api > > Specification > https://patcg-individual-drafts.github.io/private-aggregation-api > > Summary > > A generic mechanism for measuring aggregate, cross-site data in a privacy > preserving manner. The potentially identifying cross-site data is > encapsulated into "aggregatable reports". To prevent leakage, this data is > encrypted, ensuring it can only be processed by the aggregation service. > During processing, this service will add noise and impose limits on how > many queries can be performed. > > Blink componentBlink>PrivateAggregation > <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPrivateAggregation> > > TAG reviewhttps://github.com/w3ctag/design-reviews/issues/846 > > TAG review statusPending > > Risks > > > Interoperability and Compatibility > > > > *Gecko*: No signal specific to Private Aggregation ( > https://github.com/mozilla/standards-positions/issues/805). However the > Gecko position on Shared Storage (one of the ways Private Aggregation is > exposed) is negative. > > *WebKit*: No signal ( > https://github.com/WebKit/standards-positions/issues/189) > > *Web developers*: Developers have shown interest in the API both for > cross-site use cases through Shared Storage and for Protected Audience > aggregate reporting and have engaged on GitHub[1]. For Shared Storage, > multiple testers have publicly flagged their interest via the public Shared > Storage Testers List [2]. > > [1] > https://github.com/patcg-individual-drafts/private-aggregation-api/issues > [2] > https://github.com/WICG/shared-storage/blob/main/shared-storage-tester-list.md > > *Other signals*: > > WebView application risks > > Does this intent deprecate or change behavior of existing APIs, such that > it has potentially high risk for Android WebView-based applications? > > No > > > Debuggability > > The proposal includes a temporary debugging mechanism to facilitate > testing and integration. An internals page > (chrome://private-aggregation-internals) is also available to view the > status of pending and sent reports. > > Will this feature be supported on all six Blink platforms (Windows, Mac, > Linux, Chrome OS, Android, and Android WebView)? > > All but WebView > > Is this feature fully tested by web-platform-tests > <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> > ? > > Reports sent through the API are subject to large delays and require > overriding a public key endpoint. Some end-to-end tests > <https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/web_tests/wpt_internal/private-aggregation/shared-storage-sends-report.https.html> > are currently internal web tests. Where possible, tests are external > <https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/web_tests/external/wpt/private-aggregation/> > and we are proposing new WebDriver APIs > <https://github.com/patcg-individual-drafts/private-aggregation-api/pull/64> > to support testing via web-platform-tests. Tests for the integration with > Protected Audience are in-progress <http://crbug.com/1456401> and should > land soon. > Thanks for working to enable more automation here, and putting what you can in WPT today. I think it's reasonable to pursue this in parallel. Are you looking for approval for the WebDriver API addition now too (still a PR), or happy to send a separate I2S for that when you're ready to ship it? +math...@chromium.org <math...@chromium.org> and team can advise on extending webdriver. Flag nameprivacy-sandbox-ads-apis > > Requires code in //chrome?False > > Tracking bughttps://crbug.com/1316659 > > Launch bughttps://crbug.com/1292756 > > Estimated milestonesWe intend to start an incremental ramp towards 100% > in Stable starting with M115. > > Anticipated spec changes > > A few changes to current behavior are expected including tying debug mode > to third-party cookie eligibility (issue > <https://github.com/patcg-individual-drafts/private-aggregation-api/issues/57>) > and padding the encrypted payload (issue > <https://github.com/patcg-individual-drafts/private-aggregation-api/issues/56>). > Extensions to the API to support multiple aggregation services, enable > Protected Audience report verification > <https://github.com/patcg-individual-drafts/private-aggregation-api/blob/main/report_verification.md>, > and allow arrays of contributions (issue > <https://github.com/patcg-individual-drafts/private-aggregation-api/issues/44>) > are also expected and are purely additive. The JS interface for all of > these changes will be backwards compatible with the current API. > Thanks. Skimming the open issues I see at least one <https://github.com/patcg-individual-drafts/private-aggregation-api/issues/44> which sounds like it would be a non-trivial breaking change. Are there others? Do you want to drive such issues to resolution (one way or the other) prior to shipping or make the case for why a breaking change will be doable (eg. a practical v2 migration strategy)? Link to entry on the Chrome Platform Status > https://chromestatus.com/feature/5743412790689792 > > Links to previous Intent discussionsIntent to prototype: > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA%2BBiFkKSt4YBNUn2h42G3z%2BqjwxjFAo%3DsPnrbvvOoNaDa_aAQ%40mail.gmail.com > Intent > to Experiment: > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA%2BBiF%3DKQYXEVn%3DB4rMabH14UdYyA%2BF8qQkWyUVPB0rypS1N0Q%40mail.gmail.com > > > This intent message was generated by Chrome Platform Status > <https://chromestatus.com/>. > > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA%2BBiFk4cb%2Bi69Symy-KCjHbtquGSQCn5scXy_YMSSWGut2vJw%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA%2BBiFk4cb%2Bi69Symy-KCjHbtquGSQCn5scXy_YMSSWGut2vJw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAFUtAY-OqR3nG8ghb0k2hGamf-76uVH%3DkYjhNGQi6mN84GjUzg%40mail.gmail.com.
