Re: [blink-dev] Intent to Ship: X25519Kyber768 key encapsulation for TLS on Desktop

On Tue, Mar 19, 2024 at 10:23 PM David Benjamin wrote: > > I'm guessing we're talking about MITM middleboxes, is that correct? > > What's our plan to mitigate that risk? Slow rollout? Enterprise policy? > Both? Something else entirely? > > Whether the middlebox MITMs the TLS connection is not

[blink-dev] Intent to Prototype: Document picture-in-picture: propagate user activation

Contact emailsstei...@chromium.org, liber...@chromium.org ExplainerNone Specificationhttps://github.com/WICG/document-picture-in-picture/pull/117 Summary This makes user activations in a document picture-in-picture window usable inside its opener window. This makes it more ergonomic to use

Re: [blink-dev] Intent to Deprecate and Remove: Deprecate the includeShadowRoots argument on DOMParser

On Tue, Mar 19, 2024 at 1:44 PM Mike Taylor wrote: > Hi Mason, > > Would you mind requesting reviews for the various shipping gates (privacy, > security, enterprise, etc.) in your chromestatus entry? > Definitely! But I only need to do that before I ship this, right? I.e. not required yet,

Re: [blink-dev] Intent to Ship: X25519Kyber768 key encapsulation for TLS on Desktop

> I'm guessing we're talking about MITM middleboxes, is that correct? > What's our plan to mitigate that risk? Slow rollout? Enterprise policy? Both? Something else entirely? Whether the middlebox MITMs the TLS connection is not terribly important. As long as they attempt to parse the

Re: [blink-dev] Re: Intent to Ship: Compute Pressure

LGTM3 On Mon, Mar 18, 2024 at 6:10 AM Arnaud Mandy wrote: > Shipping of Compute Pressure API has been changed from M124 to M125. > Today is M124 branching and we are not fulfilling all the requirements for > shipping given the ongoing discussions, the filed issue >

Re: [blink-dev] Intent to Deprecate and Remove: Deprecate the includeShadowRoots argument on DOMParser

Hi Mason, Would you mind requesting reviews for the various shipping gates (privacy, security, enterprise, etc.) in your chromestatus entry? On 3/15/24 6:49 PM, Mason Freed wrote: Contact emails mas...@chromium.org Explainer None

Re: [blink-dev] Intent to Ship: X25519Kyber768 key encapsulation for TLS on Desktop

Also, would you mind requesting reviews for the various shipping gates (privacy, security, enterprise, etc.) in your chromestatus entry? On 3/19/24 12:34 PM, Yoav Weiss (@Shopify) wrote: On Mon, Mar 18, 2024 at 3:37 PM 'David Adrian' via blink-dev wrote: Contact emails

Re: [blink-dev] Intent to Ship: Extending Storage Access API (SAA) to non-cookie storage

Sorry about that, it's been resolved and https://privacycg.github.io/saa-non-cookie-storage/ is now a draft spec. ~ Ari Chivukula (Their/There/They're) On Thu, Mar 14, 2024, 21:47 Domenic Denicola wrote: > > > On Thu, Mar 14, 2024 at 10:27 PM Ari Chivukula > wrote: > >> Contact emails >> >>

Re: [blink-dev] Re: Intent to Ship: 'writingsuggestions' attribute

Hi Marcos, The spec for the writing suggestions attribute doesn't specify how UAs should implement writing suggestions under the hood, it just aims to provide developers with a way to control whether the writing suggestions are shown on

Re: [blink-dev] Intent to Ship: X25519Kyber768 key encapsulation for TLS on Desktop

On Mon, Mar 18, 2024 at 3:37 PM 'David Adrian' via blink-dev < blink-dev@chromium.org> wrote: > Contact emailsdadr...@google.com > > Explainer > https://www.ietf.org/archive/id/draft-tls-westerbaan-xyber768d00-02.html > > Specification >

Re: [blink-dev] Intent to Extend Experiment: Capture all screens

On Mon, Mar 18, 2024 at 5:28 PM 'Simon Hangl' via blink-dev < blink-dev@chromium.org> wrote: > Hello blink-dev, > > We’d like to ask for an extension to our Origin Trial, from M124 to M130. > This is due to the dependency on isolated web apps. > > Contact emails > > sim...@google.com

Re: [blink-dev] Intent to Ship: FedCM CORS requirement on ID assertion endpoint

On Tue, Mar 12, 2024 at 1:34 PM Mike Taylor wrote: > > On 3/12/24 11:33 AM, Nicolás Peña Moreno wrote: > > Thanks for the suggestion, Yoav! It seems something fetch experts have some > concerns about, so we do not plan to proceed with that suggestion at the > moment. > > I'd like to append a

Re: [blink-dev] Intent to Ship: Adding Cross-site Ancestor Chain Bit to CHIPS Partition Key

Yoav, your understanding is correct. I'm still in the process of finalizing the implementation. Once that is done, I'll audit some sites that metrics have indicated will experience breakage and report back my findings. On Tue, Mar 19, 2024 at 8:52 AM Mike Taylor wrote: > It would also be

Re: [blink-dev] Intent to Ship: Adding Cross-site Ancestor Chain Bit to CHIPS Partition Key

It would also be helpful to discuss what breakage looks like in this case. Would it be a one-time loss of state (i.e., have to log in again), or something different? On 3/19/24 5:08 AM, Yoav Weiss (@Shopify) wrote: OK, so just to summarize my understanding: * We expect this to have some

Re: [blink-dev] Intent to Ship: Adding Cross-site Ancestor Chain Bit to CHIPS Partition Key

OK, so just to summarize my understanding: - We expect this to have some impact on 0.032% of page views - We have a Finch flag that can be used as a kill switch in case we see lots of breakage in the wild - Developers can get around this deprecation by changing their cookies to be

Re: [blink-dev] Re: Intent to Ship: 'writingsuggestions' attribute

Thanks for the heads up, Marcos! :) On Tue, Mar 19, 2024 at 3:51 AM Marcos Caceres wrote: > Hi Blink-Dev Friends! > > We (WebKit) hit some web compat issues with this feature while testing our > implementation is Safari Tech Preview. > > Could you please take a look at: >