This is now enabled for OT on Win/Mac. (starting 134) (in addition to Android which has been already enabled )
Thank you! On Tuesday, January 14, 2025 at 6:17:04 PM UTC+1 Rick Byers wrote: > Whoops, I'm very embarrassed to admit that I told Mohamed that he could > request a renewal for 6 milestones. Sorry, my bad! I expect we'll likely > need one more renewal before shipping, but we've got a bunch of progress we > anticipate on the specification so hopefully it won't be controversial when > we get there. > > Thank you for the approval for 3 more milestones! > > Rick > > On Tue, Jan 14, 2025 at 10:57 AM Mike Taylor <miketa...@chromium.org> > wrote: > >> Thanks - LGTM to extend from M134 to M136. >> On 1/14/25 10:41 AM, Mohamed Amir Yosef wrote: >> >> Hi Mike, >> >> Thank you for the prompt response, and I am sorry for the confusion, I >> thought an extension for up to 6 milestones is possible. >> >> The OT expires in 133, so I would like to extend it to 136. >> >> Thank you, >> Mohamed >> >> On Tue, Jan 14, 2025 at 4:30 PM Mike Taylor <miketa...@chromium.org> >> wrote: >> >>> Hi Sam, >>> >>> Can you clarify what milestones you're requesting the extension for? Is >>> it 134 to 139? >>> >>> I see evidence of substantial progress which is great, but an OT can >>> only be renewed for up to 3 milestones. >>> >>> thanks, >>> Mike >>> On 1/14/25 10:22 AM, Chromestatus wrote: >>> >>> Contact emails rby...@chromium.org, g...@chromium.org, >>> ma...@chromium.org >>> >>> Explainer >>> https://github.com/WICG/digital-credentials/blob/main/explainer.md >>> >>> Specification https://wicg.github.io/digital-credentials >>> >>> Summary >>> >>> Websites can and do get credentials from mobile wallet apps through a >>> variety of mechanisms today (custom URL handlers, QR code scanning, etc.). >>> This Web Platform feature would allow sites to request identity information >>> from wallets via Android's IdentityCredential CredMan system. It is >>> extensible to support multiple credential formats (eg. ISO mDoc and W3C >>> verifiable credential) and allows multiple wallet apps to be used. >>> Mechanisms are being added to help reduce the risk of ecosystem-scale abuse >>> of real-world identity (see >>> https://docs.google.com/document/u/1/d/1L68tmNXCQXucsCV8eS8CBd_F9FZ6TNwKNOaFkA8RfwI/edit). >>> >>> >>> >>> >>> Blink component Blink>Identity>DigitalCredentials >>> <https://issues.chromium.org/issues?q=customfield1222907:%22Blink%3EIdentity%3EDigitalCredentials%22> >>> >>> >>> TAG review Mozilla feedback from Martin (also on the TAG) suggests we >>> need to invest more in the threat model for the larger space and clarify >>> specific privacy mitigations before shipping or requesting TAG review. >>> >>> TAG review status Pending >>> >>> Origin Trial Name Digital Credentials API >>> >>> Chromium Trial Name WebIdentityDigitalCredentials >>> >>> Origin Trial documentation link >>> https://wicg.github.io/digital-credentials >>> >>> WebFeature UseCounter name kIdentityDigitalCredentials >>> >>> Risks >>> >>> >>> Interoperability and Compatibility >>> >>> There are multiple standards efforts involved here. We have been working >>> with WebKit and Mozilla in the WICG on defining this specific API. But the >>> greater interoperability risk will come from the data that is sent and >>> returned via this API. Details of that are still in discussions but mostly >>> driven outside the web browser community in the OpenID Foundation (eg. >>> OpenID4VP: >>> https://openid.net/specs/openid-4-verifiable-presentations-1_0.html) >>> and ISO (18013-7 "mdoc": https://www.iso.org/standard/82772.html) >>> >>> >>> *Gecko*: Negative ( >>> https://github.com/mozilla/standards-positions/issues/1003) We share >>> most of Mozilla's concerns and continue to work with them (and the broader >>> community) on mitigations. I believe we feel greater risk for the >>> established practice of custom schemes becoming prevalent than Mozilla does >>> (eg. due to Google being mandated by eIDAS regulation to accept EUDI >>> credentials). >>> >>> *WebKit*: In development ( >>> https://github.com/WebKit/standards-positions/issues/332) WebKit >>> implementation progress: https://bugs.webkit.org/show_bug.cgi?id=268516 >>> >>> *Web developers*: No signals >>> >>> *Other signals*: This work in the W3C PING is relevant: >>> https://github.com/w3cping/credential-considerations/ >>> >>> Ergonomics >>> >>> There's a possibility that these credentials will be used alongside >>> other types of credentials in the future - such as optionally minting a >>> passkey when a digital credential is used to sign up for a site, or by >>> allowing sign-up with either a digital credential or a federated credential >>> via FedCM. As such we argued it was best to put this work in the context of >>> the Credential Management API, and hence the support is added in >>> 'navigator.identity.get() API . >>> >>> >>> Activation >>> >>> The primary activation concern is enabling existing deployments using >>> technology like OpenID4VP to be able to also support this API. As such we >>> have left the request protocol unspecified at this layer, to be specified >>> along with existing request protocols to maximize activation opportunity. >>> >>> >>> Security >>> >>> See >>> https://github.com/WICG/digital-credentials/blob/main/horizontal-reviews/security-privacy.md >>> >>> and https://github.com/WICG/digital-credentials/issues/115 >>> >>> >>> WebView application risks >>> >>> Does this intent deprecate or change behavior of existing APIs, such >>> that it has potentially high risk for Android WebView-based applications? >>> >>> >>> Goals for experimentation >>> >>> Reason this experiment is being extended >>> >>> I'd like to request permission to extend an OT for this API. The >>> experiment has been running for Android only so far, but in the meanwhile: >>> 1- There has been progress on the spec >>> https://wicg.github.io/digital-credentials/ and it is expected to >>> graduate to the FedID WG soon. 2- We have added Desktop cross-device >>> support. Therefore, we are requesting the extension. >>> >>> >>> Ongoing technical constraints >>> >>> None >>> >>> >>> Debuggability >>> >>> None necessary - just new JS API. For testing we may want to add a >>> developer option to provide a fake wallet (as for the devtools fake >>> authenticator for WebAuthn), but this is not urgent. >>> >>> >>> Will this feature be supported on all six Blink platforms (Windows, Mac, >>> Linux, ChromeOS, Android, and Android WebView)? No >>> >>> Android and Desktop Only >>> >>> >>> Is this feature fully tested by web-platform-tests >>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >>> ? Yes >>> >>> >>> https://wpt.fyi/results/digital-credentials?label=master&label=experimental&aligned >>> >>> >>> DevTrial instructions >>> https://github.com/WICG/digital-identities/wiki/HOWTO%3A-Try-the-Prototype-API-in-Chrome-Android >>> >>> >>> Flag name on about://flags web-identity-digital-credentials >>> >>> Finch feature name WebIdentityDigitalCredentials >>> >>> Requires code in //chrome? True >>> >>> Tracking bug https://issues.chromium.org/issues/40257092 >>> >>> Launch bug https://launch.corp.google.com/launch/4268575 >>> >>> Estimated milestones >>> Origin trial desktop first 134 >>> Origin trial desktop last 139 >>> Origin trial extension 1 end milestone 139 >>> Origin trial Android first 128 >>> Origin trial Android last 133 >>> DevTrial on Android 119 >>> >>> Link to entry on the Chrome Platform Status >>> https://chromestatus.com/feature/5166035265650688?gate=5119315604668416 >>> >>> Links to previous Intent discussions Intent to Prototype: >>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL9PXLx3sHWmdE-ikAEDay_S3ijf0%2BfxB_LbsuOx8YJx%2BZA7%2Bg%40mail.gmail.com >>> >>> Intent to Experiment: >>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAFUtAY-421uDmu2WNDBG5bYRSWAhfmahsHPVjDwN5NLkUdCkvw%40mail.gmail.com >>> >>> >>> >>> This intent message was generated by Chrome Platform Status >>> <https://chromestatus.com>. >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "blink-dev" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to blink-dev+unsubscr...@chromium.org. >>> To view this discussion visit >>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/6786814c.2b0a0220.1b83ac.051d.GAE%40google.com >>> >>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/6786814c.2b0a0220.1b83ac.051d.GAE%40google.com?utm_medium=email&utm_source=footer> >>> . >>> >>> -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/15306e87-4436-4b2d-a2ac-90e3efa08e79n%40chromium.org.
