This is now enabled for OT on Linux and ChromeOS as well On Mon, Feb 3, 2025 at 8:14 PM Mohamed Amir Yosef <ma...@chromium.org> wrote:
> This is now enabled for OT on Win/Mac. (starting 134) (in addition to > Android which has been already enabled ) > > Thank you! > > On Tuesday, January 14, 2025 at 6:17:04 PM UTC+1 Rick Byers wrote: > >> Whoops, I'm very embarrassed to admit that I told Mohamed that he could >> request a renewal for 6 milestones. Sorry, my bad! I expect we'll likely >> need one more renewal before shipping, but we've got a bunch of progress we >> anticipate on the specification so hopefully it won't be controversial when >> we get there. >> >> Thank you for the approval for 3 more milestones! >> >> Rick >> >> On Tue, Jan 14, 2025 at 10:57 AM Mike Taylor <miketa...@chromium.org> >> wrote: >> >>> Thanks - LGTM to extend from M134 to M136. >>> On 1/14/25 10:41 AM, Mohamed Amir Yosef wrote: >>> >>> Hi Mike, >>> >>> Thank you for the prompt response, and I am sorry for the confusion, I >>> thought an extension for up to 6 milestones is possible. >>> >>> The OT expires in 133, so I would like to extend it to 136. >>> >>> Thank you, >>> Mohamed >>> >>> On Tue, Jan 14, 2025 at 4:30 PM Mike Taylor <miketa...@chromium.org> >>> wrote: >>> >>>> Hi Sam, >>>> >>>> Can you clarify what milestones you're requesting the extension for? Is >>>> it 134 to 139? >>>> >>>> I see evidence of substantial progress which is great, but an OT can >>>> only be renewed for up to 3 milestones. >>>> >>>> thanks, >>>> Mike >>>> On 1/14/25 10:22 AM, Chromestatus wrote: >>>> >>>> Contact emails rby...@chromium.org, g...@chromium.org, >>>> ma...@chromium.org >>>> >>>> Explainer >>>> https://github.com/WICG/digital-credentials/blob/main/explainer.md >>>> >>>> Specification https://wicg.github.io/digital-credentials >>>> >>>> Summary >>>> >>>> Websites can and do get credentials from mobile wallet apps through a >>>> variety of mechanisms today (custom URL handlers, QR code scanning, etc.). >>>> This Web Platform feature would allow sites to request identity information >>>> from wallets via Android's IdentityCredential CredMan system. It is >>>> extensible to support multiple credential formats (eg. ISO mDoc and W3C >>>> verifiable credential) and allows multiple wallet apps to be used. >>>> Mechanisms are being added to help reduce the risk of ecosystem-scale abuse >>>> of real-world identity (see >>>> https://docs.google.com/document/u/1/d/1L68tmNXCQXucsCV8eS8CBd_F9FZ6TNwKNOaFkA8RfwI/edit). >>>> >>>> >>>> >>>> Blink component Blink>Identity>DigitalCredentials >>>> <https://issues.chromium.org/issues?q=customfield1222907:%22Blink%3EIdentity%3EDigitalCredentials%22> >>>> >>>> TAG review Mozilla feedback from Martin (also on the TAG) suggests we >>>> need to invest more in the threat model for the larger space and clarify >>>> specific privacy mitigations before shipping or requesting TAG review. >>>> >>>> TAG review status Pending >>>> >>>> Origin Trial Name Digital Credentials API >>>> >>>> Chromium Trial Name WebIdentityDigitalCredentials >>>> >>>> Origin Trial documentation link >>>> https://wicg.github.io/digital-credentials >>>> >>>> WebFeature UseCounter name kIdentityDigitalCredentials >>>> >>>> Risks >>>> >>>> >>>> Interoperability and Compatibility >>>> >>>> There are multiple standards efforts involved here. We have been >>>> working with WebKit and Mozilla in the WICG on defining this specific API. >>>> But the greater interoperability risk will come from the data that is sent >>>> and returned via this API. Details of that are still in discussions but >>>> mostly driven outside the web browser community in the OpenID Foundation >>>> (eg. OpenID4VP: >>>> https://openid.net/specs/openid-4-verifiable-presentations-1_0.html) >>>> and ISO (18013-7 "mdoc": https://www.iso.org/standard/82772.html) >>>> >>>> >>>> *Gecko*: Negative ( >>>> https://github.com/mozilla/standards-positions/issues/1003) We share >>>> most of Mozilla's concerns and continue to work with them (and the broader >>>> community) on mitigations. I believe we feel greater risk for the >>>> established practice of custom schemes becoming prevalent than Mozilla does >>>> (eg. due to Google being mandated by eIDAS regulation to accept EUDI >>>> credentials). >>>> >>>> *WebKit*: In development ( >>>> https://github.com/WebKit/standards-positions/issues/332) WebKit >>>> implementation progress: https://bugs.webkit.org/show_bug.cgi?id=268516 >>>> >>>> *Web developers*: No signals >>>> >>>> *Other signals*: This work in the W3C PING is relevant: >>>> https://github.com/w3cping/credential-considerations/ >>>> >>>> Ergonomics >>>> >>>> There's a possibility that these credentials will be used alongside >>>> other types of credentials in the future - such as optionally minting a >>>> passkey when a digital credential is used to sign up for a site, or by >>>> allowing sign-up with either a digital credential or a federated credential >>>> via FedCM. As such we argued it was best to put this work in the context of >>>> the Credential Management API, and hence the support is added in >>>> 'navigator.identity.get() API . >>>> >>>> >>>> Activation >>>> >>>> The primary activation concern is enabling existing deployments using >>>> technology like OpenID4VP to be able to also support this API. As such we >>>> have left the request protocol unspecified at this layer, to be specified >>>> along with existing request protocols to maximize activation opportunity. >>>> >>>> >>>> Security >>>> >>>> See >>>> https://github.com/WICG/digital-credentials/blob/main/horizontal-reviews/security-privacy.md >>>> and https://github.com/WICG/digital-credentials/issues/115 >>>> >>>> >>>> WebView application risks >>>> >>>> Does this intent deprecate or change behavior of existing APIs, such >>>> that it has potentially high risk for Android WebView-based applications? >>>> >>>> >>>> Goals for experimentation >>>> >>>> Reason this experiment is being extended >>>> >>>> I'd like to request permission to extend an OT for this API. The >>>> experiment has been running for Android only so far, but in the meanwhile: >>>> 1- There has been progress on the spec >>>> https://wicg.github.io/digital-credentials/ and it is expected to >>>> graduate to the FedID WG soon. 2- We have added Desktop cross-device >>>> support. Therefore, we are requesting the extension. >>>> >>>> >>>> Ongoing technical constraints >>>> >>>> None >>>> >>>> >>>> Debuggability >>>> >>>> None necessary - just new JS API. For testing we may want to add a >>>> developer option to provide a fake wallet (as for the devtools fake >>>> authenticator for WebAuthn), but this is not urgent. >>>> >>>> >>>> Will this feature be supported on all six Blink platforms (Windows, >>>> Mac, Linux, ChromeOS, Android, and Android WebView)? No >>>> >>>> Android and Desktop Only >>>> >>>> >>>> Is this feature fully tested by web-platform-tests >>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >>>> ? Yes >>>> >>>> >>>> https://wpt.fyi/results/digital-credentials?label=master&label=experimental&aligned >>>> >>>> >>>> DevTrial instructions >>>> https://github.com/WICG/digital-identities/wiki/HOWTO%3A-Try-the-Prototype-API-in-Chrome-Android >>>> >>>> Flag name on about://flags web-identity-digital-credentials >>>> >>>> Finch feature name WebIdentityDigitalCredentials >>>> >>>> Requires code in //chrome? True >>>> >>>> Tracking bug https://issues.chromium.org/issues/40257092 >>>> >>>> Launch bug https://launch.corp.google.com/launch/4268575 >>>> >>>> Estimated milestones >>>> Origin trial desktop first 134 >>>> Origin trial desktop last 139 >>>> Origin trial extension 1 end milestone 139 >>>> Origin trial Android first 128 >>>> Origin trial Android last 133 >>>> DevTrial on Android 119 >>>> >>>> Link to entry on the Chrome Platform Status >>>> https://chromestatus.com/feature/5166035265650688?gate=5119315604668416 >>>> >>>> Links to previous Intent discussions Intent to Prototype: >>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL9PXLx3sHWmdE-ikAEDay_S3ijf0%2BfxB_LbsuOx8YJx%2BZA7%2Bg%40mail.gmail.com >>>> Intent to Experiment: >>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAFUtAY-421uDmu2WNDBG5bYRSWAhfmahsHPVjDwN5NLkUdCkvw%40mail.gmail.com >>>> >>>> >>>> This intent message was generated by Chrome Platform Status >>>> <https://chromestatus.com>. >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "blink-dev" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to blink-dev+unsubscr...@chromium.org. >>>> To view this discussion visit >>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/6786814c.2b0a0220.1b83ac.051d.GAE%40google.com >>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/6786814c.2b0a0220.1b83ac.051d.GAE%40google.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOZU3iFfQjxL8LWwVS8E_CFw8uVgDgg2_uzMWUp1zVhkZH76NA%40mail.gmail.com.
