LGTM1 On Fri, Jan 17, 2025 at 11:27 AM Paul Jensen <pauljen...@chromium.org> wrote:
> Before starting the IETF spec, we reached out to IETF Area Directors for > the ART and WIT groups and they advised us to draft the internet drafts for > this protocol and the Bidding and Auction Services protocol (which is > similar to this protocol and similarly uses OHTTP, HPKE, CBOR) and then > submit them to the DISPATCH working groups. We planned to submit them > after getting I2S review and approval, to allow incorporating feedback > received during I2S review into the IETF spec. I'm not aware of any > standards review of our internet drafts yet. > > On Thu, Jan 16, 2025 at 11:40 AM Chris Harrelson <chris...@chromium.org> > wrote: > >> >> >> On Wed, Jan 15, 2025 at 10:29 AM Paul Jensen <pauljen...@chromium.org> >> wrote: >> >>> The main relevant section of the Protected Audience explainer is 3.1.2 >>> Trusted Signals Server in TEE >>> <https://github.com/WICG/turtledove/blob/main/FLEDGE.md#312-trusted-signals-server-in-tee> >>> The JavaScript API changes are minimal, just the extra >>> trustedBiddingSignalsCoordinator and trustedScoringSignalsCoordinator >>> fields. The bulk of the browser changes are explained in the explainer >>> for the new protocol used to communicate with the Trusted Key-Value Server >>> <https://github.com/WICG/turtledove/blob/main/FLEDGE_Key_Value_Server_API.md> >>> . >>> >>> Similarly, the main relevant sections of the web spec are the sections >>> that assemble the trusted bidding >>> <https://wicg.github.io/turtledove/#build-trusted-key-value-bidding-signals-request-body> >>> and trusted scoring >>> <https://wicg.github.io/turtledove/#build-trusted-key-value-scoring-signals-request-body> >>> sections, while the bulk of the new spec is the new IETF spec for the >>> new protocol used to communicate with the Trusted Key-Value Server >>> <https://privacysandbox.github.io/draft-ietf-protected-audience-key-value-service/draft-ietf-protected-audience-key-value-services.html> >>> . >>> >> >> Thanks for these links. Regarding IETF, what status does that IETF spec >> have in terms of standards consensus or review at that body? >> >> >>> >>> On Wed, Jan 15, 2025 at 10:02 AM Yoav Weiss (@Shopify) < >>> yoavwe...@chromium.org> wrote: >>> >>>> >>>> >>>> On Wednesday, January 8, 2025 at 5:59:00 PM UTC+1 Paul Jensen wrote: >>>> >>>> Contact emails >>>> >>>> pauljen...@chromium.org >>>> >>>> Explainer >>>> >>>> https://github.com/WICG/turtledove/pull/1342 >>>> >>>> https://github.com/WICG/turtledove/pull/1343 >>>> >>>> >>>> Can you please point at relevant sections in the explainer, rather than >>>> PR diffs? >>>> >>>> >>>> >>>> Specification >>>> >>>> The web platform portion of the specification: https://github.com/WICG/ >>>> turtledove/pull/1340 >>>> >>>> >>>> Here as well, pointing to relevant sections of the spec would be >>>> helpful. >>>> >>>> >>>> The interface to the Trusted Key-Value Server endpoint: >>>> https://privacysandbox.github.io/draft-ietf-protected- >>>> audience-key-value-service/draft-ietf-protected-audience- >>>> key-value-services.html >>>> >>>> Summary >>>> >>>> During Protected Audience (PA) API ad selection auctions, buyers and >>>> sellers are able to fetch real-time signals from servers. As a temporary >>>> mechanism, the buyer and seller can fetch these signals from any server, >>>> including one they operate themselves (a "Bring Your Own Server" model); >>>> this change does not remove this support. To improve user privacy and >>>> enable new functionality, in the future versions of PA, the request will >>>> only be sent to a trusted key-value-type server. The server is verified by >>>> external parties to ensure it’s running an approved binary built from the >>>> open source key-value server code and is running in a trusted execution >>>> environment (TEE), and only then is allowed access to decryption keys. >>>> This proposal adds support to Chrome to communicate with these trusted >>>> key-value servers using an encrypted protocol ensuring that only the >>>> appropriately trusted servers can decrypt and respond, thus ensuring the >>>> protocol and server maintain desired privacy characteristics. >>>> >>>> Blink component >>>> >>>> Blink>InterestGroups >>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EInterestGroups> >>>> >>>> TAG review >>>> >>>> For Protected Audience: https://github.com/w3ctag/ >>>> design-reviews/issues/723 >>>> >>>> TAG review status >>>> >>>> Completed for PA, resolved unsatisfied. >>>> >>>> Risks >>>> >>>> >>>> Interoperability and Compatibility >>>> >>>> Optional new functionality that does not break existing use. >>>> >>>> >>>> Gecko & WebKit: For PA in general - Negative from Mozilla >>>> <https://github.com/mozilla/standards-positions/issues/770#issuecomment-2432124085>. >>>> No signal from Webkit >>>> <https://github.com/WebKit/standards-positions/issues/158#issuecomment-2432121278> >>>> . >>>> >>>> >>>> Edge: Edge is running an Origin Trial of the Ad Selection API >>>> <https://github.com/WICG/privacy-preserving-ads/blob/main/README.md> >>>> which shares a Web API and services protocol with PA. >>>> >>>> >>>> Web developers: At least four companies have expressed interest in another >>>> feature <https://github.com/WICG/turtledove/issues/1105> (also here >>>> <https://github.com/privacysandbox/protected-auction-key-value-service/issues/72#issuecomment-2485843775>) >>>> that is blocked >>>> <https://github.com/WICG/turtledove/issues/1105#issuecomment-2043779939> >>>> on Trusted Key-Value Server Support in the browser. >>>> >>>> Debuggability >>>> >>>> HTTPS requests to Trusted Key-Value Servers are visible in the Chrome >>>> DevTools Network pane. Response values are visible by setting breakpoints >>>> in PA bidding scripts. >>>> >>>> Will this feature be supported on all six Blink platforms (Windows, >>>> Mac, Linux, ChromeOS, Android, and Android WebView)? >>>> >>>> It will be supported on all platforms that support PA, so all but >>>> WebView. >>>> >>>> Is this feature fully tested by web-platform-tests >>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >>>> ? >>>> >>>> We have started WPTs >>>> <https://chromium-review.googlesource.com/c/chromium/src/+/6050105> >>>> and plan to finish them soon. >>>> >>>> >>>> Flag name on chrome://flags >>>> >>>> None >>>> >>>> >>>> Finch feature name >>>> >>>> ProtectedAudienceTrustedKVSupport >>>> >>>> Requires code in //chrome? >>>> >>>> False >>>> >>>> Estimated milestones >>>> >>>> Shipping on desktop and Android in M132. >>>> >>>> Anticipated spec changes >>>> >>>> None >>>> >>>> Link to entry on the Chrome Platform Status >>>> >>>> https://chromestatus.com/feature/5072384013631488?gate=5125481377300480 >>>> >>>> This intent message was generated by Chrome Platform Status >>>> <https://chromestatus.com/>. >>>> >>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "blink-dev" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to blink-dev+unsubscr...@chromium.org. >>> To view this discussion visit >>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABQTWrk0XPEYYdiRKLgN88cQ67TnzeJW7a5WVNdZCcnRp28u5A%40mail.gmail.com >>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABQTWrk0XPEYYdiRKLgN88cQ67TnzeJW7a5WVNdZCcnRp28u5A%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABQTWr%3DXpkgHPtBuLsY92P3JtzzG3tn3%2BN%2BN4ueFv%2B_H4qNV-A%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABQTWr%3DXpkgHPtBuLsY92P3JtzzG3tn3%2BN%2BN4ueFv%2B_H4qNV-A%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOMQ%2Bw-9yG%3D__VmkeQa%3DNM8D9UyZ5C4MzhZzVDXta3b1LOtYbg%40mail.gmail.com.
