On Tue, Jun 20, 2023 at 5:39 PM Rick Byers <rby...@chromium.org> wrote:
> > On Tue, Jun 20, 2023 at 4:51 PM Alex Turner <ale...@chromium.org> wrote: > >> Contact emailsale...@chromium.org >> >> Explainer >> https://github.com/patcg-individual-drafts/private-aggregation-api >> >> Specification >> https://patcg-individual-drafts.github.io/private-aggregation-api >> >> Summary >> >> A generic mechanism for measuring aggregate, cross-site data in a privacy >> preserving manner. The potentially identifying cross-site data is >> encapsulated into "aggregatable reports". To prevent leakage, this data is >> encrypted, ensuring it can only be processed by the aggregation service. >> During processing, this service will add noise and impose limits on how >> many queries can be performed. >> >> Blink componentBlink>PrivateAggregation >> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPrivateAggregation> >> >> TAG reviewhttps://github.com/w3ctag/design-reviews/issues/846 >> >> TAG review statusPending >> >> Risks >> >> >> Interoperability and Compatibility >> >> >> >> *Gecko*: No signal specific to Private Aggregation ( >> https://github.com/mozilla/standards-positions/issues/805). However the >> Gecko position on Shared Storage (one of the ways Private Aggregation is >> exposed) is negative. >> >> *WebKit*: No signal ( >> https://github.com/WebKit/standards-positions/issues/189) >> >> *Web developers*: Developers have shown interest in the API both for >> cross-site use cases through Shared Storage and for Protected Audience >> aggregate reporting and have engaged on GitHub[1]. For Shared Storage, >> multiple testers have publicly flagged their interest via the public Shared >> Storage Testers List [2]. >> >> [1] >> https://github.com/patcg-individual-drafts/private-aggregation-api/issues >> [2] >> https://github.com/WICG/shared-storage/blob/main/shared-storage-tester-list.md >> >> *Other signals*: >> >> WebView application risks >> >> Does this intent deprecate or change behavior of existing APIs, such that >> it has potentially high risk for Android WebView-based applications? >> >> No >> >> >> Debuggability >> >> The proposal includes a temporary debugging mechanism to facilitate >> testing and integration. An internals page >> (chrome://private-aggregation-internals) is also available to view the >> status of pending and sent reports. >> >> Will this feature be supported on all six Blink platforms (Windows, Mac, >> Linux, Chrome OS, Android, and Android WebView)? >> >> All but WebView >> >> Is this feature fully tested by web-platform-tests >> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >> ? >> >> Reports sent through the API are subject to large delays and require >> overriding a public key endpoint. Some end-to-end tests >> <https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/web_tests/wpt_internal/private-aggregation/shared-storage-sends-report.https.html> >> are currently internal web tests. Where possible, tests are external >> <https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/web_tests/external/wpt/private-aggregation/> >> and we are proposing new WebDriver APIs >> <https://github.com/patcg-individual-drafts/private-aggregation-api/pull/64> >> to support testing via web-platform-tests. Tests for the integration with >> Protected Audience are in-progress <http://crbug.com/1456401> and should >> land soon. >> > > Thanks for working to enable more automation here, and putting what you > can in WPT today. I think it's reasonable to pursue this in parallel. Are > you looking for approval for the WebDriver API addition now too (still a > PR), or happy to send a separate I2S for that when you're ready to ship it? > +math...@chromium.org <math...@chromium.org> and team can advise on > extending webdriver. > Yeah, I think it makes sense to consolidate these together unless there are concerns with that approach. Thanks! > > Flag nameprivacy-sandbox-ads-apis >> >> Requires code in //chrome?False >> >> Tracking bughttps://crbug.com/1316659 >> >> Launch bughttps://crbug.com/1292756 >> >> Estimated milestonesWe intend to start an incremental ramp towards 100% >> in Stable starting with M115. >> >> Anticipated spec changes >> >> A few changes to current behavior are expected including tying debug mode >> to third-party cookie eligibility (issue >> <https://github.com/patcg-individual-drafts/private-aggregation-api/issues/57>) >> and padding the encrypted payload (issue >> <https://github.com/patcg-individual-drafts/private-aggregation-api/issues/56>). >> Extensions to the API to support multiple aggregation services, enable >> Protected Audience report verification >> <https://github.com/patcg-individual-drafts/private-aggregation-api/blob/main/report_verification.md>, >> and allow arrays of contributions (issue >> <https://github.com/patcg-individual-drafts/private-aggregation-api/issues/44>) >> are also expected and are purely additive. The JS interface for all of >> these changes will be backwards compatible with the current API. >> > > Thanks. Skimming the open issues I see at least one > <https://github.com/patcg-individual-drafts/private-aggregation-api/issues/44> > which > sounds like it would be a non-trivial breaking change. Are there others? Do > you want to drive such issues to resolution (one way or the other) prior to > shipping or make the case for why a breaking change will be doable (eg. a > practical v2 migration strategy)? > > Link to entry on the Chrome Platform Status >> https://chromestatus.com/feature/5743412790689792 >> >> Links to previous Intent discussionsIntent to prototype: >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA%2BBiFkKSt4YBNUn2h42G3z%2BqjwxjFAo%3DsPnrbvvOoNaDa_aAQ%40mail.gmail.com >> Intent >> to Experiment: >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA%2BBiF%3DKQYXEVn%3DB4rMabH14UdYyA%2BF8qQkWyUVPB0rypS1N0Q%40mail.gmail.com >> >> >> This intent message was generated by Chrome Platform Status >> <https://chromestatus.com/>. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to blink-dev+unsubscr...@chromium.org. >> To view this discussion on the web visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA%2BBiFk4cb%2Bi69Symy-KCjHbtquGSQCn5scXy_YMSSWGut2vJw%40mail.gmail.com >> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA%2BBiFk4cb%2Bi69Symy-KCjHbtquGSQCn5scXy_YMSSWGut2vJw%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAA%2BBiF%3DAHzyktAiGjp_gbpj6aEiHdukRr%3DUfS5JGqzv3q8T%2Bcw%40mail.gmail.com.
