This statement is under non goals. So I think you need to change that or remove the claim of transparency.
thx ..Tom (mobile) On Fri, Sep 8, 2023, 11:06 AM Shivani Sharma <[email protected]> wrote: > > > On Fri, Sep 8, 2023 at 12:55 PM Tom Jones <[email protected]> > wrote: > >> I cannot understand how it is possible to claim transparency with the >> following explanation. It seems completely misleading. >> >> Today, the attestation model does not seek to provide information to >> users within the browser or device in real-time about a developer's >> attestations >> > > Thanks for the question! The transparency for attestations is something > that would be added in a future iteration and as mentioned in the earlier > response, that will likely also include a public list of enrolled and > attested sites. > >> >> >> thx ..Tom (mobile) >> >> On Wed, Aug 30, 2023, 6:16 AM Shivani Sharma <[email protected]> >> wrote: >> >>> Contact emails >>> >>> [email protected], [email protected] >>> >>> >>> Explainer >>> >>> https://github.com/privacysandbox/attestation/blob/main/README.md >>> >>> Design document >>> >>> >>> https://docs.google.com/document/d/16PYa6wBBGBbV4YMujkFzBab8s4a7N4PcvpY0Js1qN1k/edit?usp=sharing >>> >>> Specification >>> >>> While the enrollment process itself is not intended to be standardized, >>> the impacted API specifications allow for a user agent defined gating >>> mechanism such as enrollment and attestation. The spec changes for the >>> gated APIs are linked below: >>> >>> Private aggregation (section with note on enrollment >>> <https://patcg-individual-drafts.github.io/private-aggregation-api/#scheduling-reports> >>> ) >>> >>> Shared Storage (pull request >>> <https://github.com/WICG/shared-storage/pull/105>) >>> >>> Topics (pull request >>> <https://github.com/patcg-individual-drafts/topics/pull/238/files>) >>> >>> Attribution reporting API (pull request >>> <https://github.com/WICG/attribution-reporting-api/pull/968>) >>> >>> Protected Audience (pull requests: 1 >>> <https://github.com/WICG/fenced-frame/pull/114/files>, 2 >>> <https://github.com/WICG/turtledove/pull/766/files>) >>> >>> >>> Summary and Motivation >>> >>> As the Privacy Sandbox relevance and measurement APIs start ramping up >>> for general availability, we want to make sure these technologies are used >>> as intended and with transparency. The APIs include Attribution Reporting, >>> the Protected Audience API, Topics, Private Aggregation and Shared Storage. >>> As announced in a blog post >>> <https://developer.chrome.com/blog/announce-enrollment-privacy-sandbox/>, >>> a new Developer Enrollment process for Privacy Sandbox relevance and >>> measurement APIs is being introduced across Chrome and Android. This I2S >>> refers to Chrome’s implementation of fetching the enrolled-sites list from >>> the enrollment server (via component updater >>> <https://chromium.googlesource.com/chromium/src/+/lkgr/components/component_updater/README.md>) >>> and using it to gate access to the Privacy Sandbox APIs. >>> >>> Blink component >>> >>> Blink>PrivateAggregation >>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EPrivateAggregation> >>> >>> Blink>Storage>SharedStorage >>> <https://bugs.chromium.org/p/chromium/issues/list?q=component%3ABlink%3EStorage%3ESharedStorage&can=2> >>> >>> Blink>TopicsAPI >>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3ETopicsAPI> >>> >>> Internals > AttributionReporting >>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Internals%3EAttributionReporting> >>> >>> Blink>InterestGroups >>> <https://bugs.chromium.org/p/chromium/issues/list?q=component%3ABlink%3EInterestGroups&can=2> >>> >>> Is this feature supported on all six Blink platforms (Windows, Mac, >>> Linux, Chrome OS, Android, and Android WebView)? >>> >>> Supported on all the above platforms except Android WebView. >>> >>> In the initial version, no gated APIs are supported on WebView , with >>> the caveat that the Attribution Reporting API delegates from WebView to >>> Android and would be gated as part of Android’s attestation based gating. >>> >>> Debuggability >>> Console errors: The API surfaces gated on enrollment and attestation >>> will output relevant console error messages if a given site is not allowed >>> to participate/invoke those API surfaces. (Private Aggregation API-related >>> console messages are output during its consumer API enrollment checks e.g. >>> Shared Storage, but could be made more specific in the future). >>> >>> Local override: For local testing, we are providing developer overrides >>> with a Chrome flag and CLI switch: >>> >>> Flag: chrome://flags/#privacy-sandbox-enrollment-overrides >>> >>> CLI: --privacy-sandbox-enrollment-overrides=https://example.com, >>> https://example.co.uk,... >>> >>> Initial public proposal >>> >>> https://github.com/privacysandbox/attestation/blob/main/README.md >>> >>> TAG review >>> >>> Private Aggregation (comment >>> <https://github.com/w3ctag/design-reviews/issues/846#issuecomment-1690139513> >>> ) >>> >>> Shared Storage (comment >>> <https://github.com/w3ctag/design-reviews/issues/747#issuecomment-1690156498> >>> ) >>> >>> Topics (comment >>> <https://github.com/w3ctag/design-reviews/issues/726#issuecomment-1690087586> >>> ) >>> >>> Attribution reporting API (comment >>> <https://github.com/w3ctag/design-reviews/issues/724#issuecomment-1690076332> >>> ) >>> >>> Protected Audience (comment >>> <https://github.com/w3ctag/design-reviews/issues/723#issuecomment-1690413217> >>> ) >>> >>> RisksInteroperability >>> >>> Initially the enrolled and attested sites list will only be available to >>> Chrome browsers. The list is publicly available in the sense that it's >>> shipped to Chrome browsers, but we don't have an official site currently >>> where we post it. However, we could potentially do so in the future and >>> that would enable other browsers to have a consistent gating mechanism. >>> >>> Compatibility >>> >>> No compatibility concerns. The existing APIs either return promises, and >>> will reject for callers that are not enrolled (and they can already reject >>> for other reasons today), or they don’t return anything and the script will >>> not break. >>> >>> Is this feature fully tested by web-platform-tests >>> <https://chromium.googlesource.com/chromium/src/+/master/docs/testing/web_platform_tests.md> >>> ? >>> >>> No, as there are no plans to standardize this behavior. >>> >>> Tracking bugcrbug.com/1448875 >>> Launch bug >>> >>> https://launch.corp.google.com/launch/4260778 >>> >>> Estimated milestones >>> >>> M118 >>> >>> Links to previous Intent discussions >>> >>> Intent to prototype: >>> https://groups.google.com/a/chromium.org/g/blink-dev/c/Zy6uyaTdcJ8 >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "blink-dev" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADAcp086BcDbQX%2B2ED-9eU06ZZPH6_MMpB0cr2F0Jf40H4EACw%40mail.gmail.com >>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADAcp086BcDbQX%2B2ED-9eU06ZZPH6_MMpB0cr2F0Jf40H4EACw%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAK2Cwb4jaWRSzBr0ksG8NBnBXsMS4gc3113vESx%2B5Uvp5cz48w%40mail.gmail.com.
