LGTM2

On Fri, Jan 17, 2025 at 2:47 PM Chris Harrelson <chris...@chromium.org> wrote:
> LGTM1
>
> On Fri, Jan 17, 2025 at 11:27 AM Paul Jensen <pauljen...@chromium.org>
> wrote:
>
>> Before starting the IETF spec, we reached out to IETF Area Directors for
>> the ART and WIT groups and they advised us to draft the internet drafts for
>> this protocol and the Bidding and Auction Services protocol (which is
>> similar to this protocol and similarly uses OHTTP, HPKE, CBOR) and then
>> submit them to the DISPATCH working groups. We planned to submit them
>> after getting I2S review and approval, to allow incorporating feedback
>> received during I2S review into the IETF spec. I'm not aware of any
>> standards review of our internet drafts yet.
>>
>> On Thu, Jan 16, 2025 at 11:40 AM Chris Harrelson <chris...@chromium.org>
>> wrote:
>>
>>> On Wed, Jan 15, 2025 at 10:29 AM Paul Jensen <pauljen...@chromium.org>
>>> wrote:
>>>
>>>> The main relevant section of the Protected Audience explainer is 3.1.2
>>>> Trusted Signals Server in TEE
>>>> <https://github.com/WICG/turtledove/blob/main/FLEDGE.md#312-trusted-signals-server-in-tee>
>>>> The JavaScript API changes are minimal, just the extra
>>>> trustedBiddingSignalsCoordinator and trustedScoringSignalsCoordinator
>>>> fields. The bulk of the browser changes are explained in the
>>>> explainer for the new protocol used to communicate with the Trusted
>>>> Key-Value Server
>>>> <https://github.com/WICG/turtledove/blob/main/FLEDGE_Key_Value_Server_API.md>.
>>>>
>>>> Similarly, the main relevant sections of the web spec are the sections
>>>> that assemble the trusted bidding
>>>> <https://wicg.github.io/turtledove/#build-trusted-key-value-bidding-signals-request-body>
>>>> and trusted scoring
>>>> <https://wicg.github.io/turtledove/#build-trusted-key-value-scoring-signals-request-body>
>>>> sections, while the bulk of the new spec is the new IETF spec for the
>>>> new protocol used to communicate with the Trusted Key-Value Server
>>>> <https://privacysandbox.github.io/draft-ietf-protected-audience-key-value-service/draft-ietf-protected-audience-key-value-services.html>.
>>>>
>>>
>>> Thanks for these links. Regarding IETF, what status does that IETF spec
>>> have in terms of standards consensus or review at that body?
>>>
>>>>
>>>> On Wed, Jan 15, 2025 at 10:02 AM Yoav Weiss (@Shopify)
>>>> <yoavwe...@chromium.org> wrote:
>>>>
>>>>> On Wednesday, January 8, 2025 at 5:59:00 PM UTC+1 Paul Jensen wrote:
>>>>>
>>>>> Contact emails
>>>>>
>>>>> pauljen...@chromium.org
>>>>>
>>>>> Explainer
>>>>>
>>>>> https://github.com/WICG/turtledove/pull/1342
>>>>>
>>>>> https://github.com/WICG/turtledove/pull/1343
>>>>>
>>>>>
>>>>> Can you please point at relevant sections in the explainer, rather
>>>>> than PR diffs?
>>>>>
>>>>>
>>>>> Specification
>>>>>
>>>>> The web platform portion of the specification:
>>>>> https://github.com/WICG/turtledove/pull/1340
>>>>>
>>>>>
>>>>> Here as well, pointing to relevant sections of the spec would be
>>>>> helpful.
>>>>>
>>>>>
>>>>> The interface to the Trusted Key-Value Server endpoint:
>>>>> https://privacysandbox.github.io/draft-ietf-protected-audience-key-value-service/draft-ietf-protected-audience-key-value-services.html
>>>>>
>>>>> Summary
>>>>>
>>>>> During Protected Audience (PA) API ad selection auctions, buyers and
>>>>> sellers are able to fetch real-time signals from servers.
>>>>> As a temporary mechanism, the buyer and seller can fetch these
>>>>> signals from any server, including one they operate themselves
>>>>> (a "Bring Your Own Server" model); this change does not remove this
>>>>> support. To improve user privacy and enable new functionality, in the
>>>>> future versions of PA, the request will only be sent to a trusted
>>>>> key-value-type server. The server is verified by external parties to
>>>>> ensure it’s running an approved binary built from the open source
>>>>> key-value server code and is running in a trusted execution
>>>>> environment (TEE), and only then is allowed access to decryption keys.
>>>>> This proposal adds support to Chrome to communicate with these trusted
>>>>> key-value servers using an encrypted protocol ensuring that only the
>>>>> appropriately trusted servers can decrypt and respond, thus ensuring the
>>>>> protocol and server maintain desired privacy characteristics.
>>>>>
>>>>> Blink component
>>>>>
>>>>> Blink>InterestGroups
>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EInterestGroups>
>>>>>
>>>>> TAG review
>>>>>
>>>>> For Protected Audience:
>>>>> https://github.com/w3ctag/design-reviews/issues/723
>>>>>
>>>>> TAG review status
>>>>>
>>>>> Completed for PA, resolved unsatisfied.
>>>>>
>>>>> Risks
>>>>>
>>>>> Interoperability and Compatibility
>>>>>
>>>>> Optional new functionality that does not break existing use.
>>>>>
>>>>> Gecko & WebKit: For PA in general - Negative from Mozilla
>>>>> <https://github.com/mozilla/standards-positions/issues/770#issuecomment-2432124085>.
>>>>> No signal from WebKit
>>>>> <https://github.com/WebKit/standards-positions/issues/158#issuecomment-2432121278>.
>>>>>
>>>>> Edge: Edge is running an Origin Trial of the Ad Selection API
>>>>> <https://github.com/WICG/privacy-preserving-ads/blob/main/README.md>
>>>>> which shares a Web API and services protocol with PA.
>>>>>
>>>>> Web developers: At least four companies have expressed interest in another
>>>>> feature <https://github.com/WICG/turtledove/issues/1105> (also here
>>>>> <https://github.com/privacysandbox/protected-auction-key-value-service/issues/72#issuecomment-2485843775>)
>>>>> that is blocked
>>>>> <https://github.com/WICG/turtledove/issues/1105#issuecomment-2043779939>
>>>>> on Trusted Key-Value Server Support in the browser.
>>>>>
>>>>> Debuggability
>>>>>
>>>>> HTTPS requests to Trusted Key-Value Servers are visible in the Chrome
>>>>> DevTools Network pane. Response values are visible by setting breakpoints
>>>>> in PA bidding scripts.
>>>>>
>>>>> Will this feature be supported on all six Blink platforms (Windows,
>>>>> Mac, Linux, ChromeOS, Android, and Android WebView)?
>>>>>
>>>>> It will be supported on all platforms that support PA, so all but
>>>>> WebView.
>>>>>
>>>>> Is this feature fully tested by web-platform-tests
>>>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
>>>>>
>>>>> We have started WPTs
>>>>> <https://chromium-review.googlesource.com/c/chromium/src/+/6050105>
>>>>> and plan to finish them soon.
>>>>>
>>>>> Flag name on chrome://flags
>>>>>
>>>>> None
>>>>>
>>>>> Finch feature name
>>>>>
>>>>> ProtectedAudienceTrustedKVSupport
>>>>>
>>>>> Requires code in //chrome?
>>>>>
>>>>> False
>>>>>
>>>>> Estimated milestones
>>>>>
>>>>> Shipping on desktop and Android in M132.
>>>>>
>>>>> Anticipated spec changes
>>>>>
>>>>> None
>>>>>
>>>>> Link to entry on the Chrome Platform Status
>>>>>
>>>>> https://chromestatus.com/feature/5072384013631488?gate=5125481377300480
>>>>>
>>>>> This intent message was generated by Chrome Platform Status
>>>>> <https://chromestatus.com/>.
>>>>>
>>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "blink-dev" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to blink-dev+unsubscr...@chromium.org.
>>>> To view this discussion visit
>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABQTWrk0XPEYYdiRKLgN88cQ67TnzeJW7a5WVNdZCcnRp28u5A%40mail.gmail.com
>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABQTWrk0XPEYYdiRKLgN88cQ67TnzeJW7a5WVNdZCcnRp28u5A%40mail.gmail.com?utm_medium=email&utm_source=footer>.