Hi Mike, this is for an Origin Trial. On Thu, Feb 16, 2023 at 1:14 PM Mike Taylor <miketa...@chromium.org> wrote:
> Hi Yi, > > Is this a request for an Origin Trial, or are you requesting to ship for > some percentage of Stable users? > > On Wednesday, February 15, 2023 at 9:28:14 PM UTC-5 Yi Gu wrote: > >> Contact emails >> >> >> *y...@chromium.org <y...@chromium.org>*Explainer >> >> >> *https://github.com/fedidcg/FedCM/issues/429 >> <https://github.com/fedidcg/FedCM/issues/429>*Summary >> >> >> *An extension to the existing FedCM API that allows a website to provide >> its preference for a streamlined UX (automatically, rather than explicitly, >> re-authenticating the user) when their users return to them. The API design >> requires that the preference is only respected for returning users, that is >> if the user has previously and explicitly granted permission for the >> Relying Party (RP) and Identity Provider (IdP) communication in the browser >> through a FedCM call.*Blink component >> >> >> *Blink > Identity > FedCM >> <https://bugs.chromium.org/p/chromium/issues/list?q=component%3ABlink%3EIdentity%3EFedCM&can=2>*TAG >> review >> >> *https://github.com/w3ctag/design-reviews/issues/813 >> <https://github.com/w3ctag/design-reviews/issues/813>* >> TAG review status >> >> >> *Pending*Risks >> Interoperability and Compatibility >> >> >> >> >> >> >> >> *Gecko: we have been actively working with Firefox >> <https://github.com/fedidcg/FedCM/issues/429#issuecomment-1426162273>to >> standardize this API. In general we are aligned on the feature itself. e.g. >> auto re-authentication can provide streamlined UX without reducing privacy. >> Meanwhile, there are some open questions about what API is more suitable to >> achieve this goal. e.g. Firefox proposed to reuse the “mediation mode >> <https://www.w3.org/TR/credential-management-1/#mediation-requirements>” in >> Credential Management API which is a promising direction as well. We will >> keep evaluating all the proposals and reach an alignment before >> shipping.WebKit: No signal >> <https://github.com/WebKit/standards-positions/issues/131> for “auto >> re-authn” yet. Positive for the general FedCM API.No compatibility risk >> from an API’s perspective. Auto re-authn is supported by adding a >> new boolean to the existing FedCM API which is default to false (defaults >> to the existing behavior).On cross-browser interoperability, because the >> Auto re-authn API simply controls a UX preference suggested by the relying >> party, the UA may choose not to respect it (for example, either across all >> relying parties or through browser settings) and fallback to the existing >> sign-in flow that requires an explicit user confirmation.Overall, this is a >> small addition to the FedCM API, and as such mostly inherits the interop >> and compatibility risks from that API. See >> https://groups.google.com/a/chromium.org/g/blink-dev/c/URpYPPH-YQ4/m/E9pgS7GEBAAJ >> <https://groups.google.com/a/chromium.org/g/blink-dev/c/URpYPPH-YQ4/m/E9pgS7GEBAAJ> >> for the discussion.*Activation >> >> >> >> *Similar to the FedCM API, we deliberately leave the bulk of the work to >> the IdP to ensure that minimal RP change is needed (no RP change is needed >> for IdPs who have already supported similar flow). This feature, >> specifically, is one that can be currently controlled by JS SDKs, so we >> expect activation to have a similar profile as FedCM: immediately enabled >> to websites (without any redeployment) by IdPs making use of it (by >> redeploying their JS SDKs).*WebView Application Risks >> >> >> >> *N/A as this feature is not available on WebView.*Goals for >> experimentation >> >> >> >> >> *To learn whether the new streamlined re-authentication experience >> performs well with users. We are planning to collect the following data >> points: - number of successful re-authentication flows, - how often a user >> may want to terminate the flow,- reasonable time for cooldown* >> Debuggability >> >> >> *Besides regular FedCM support, we show error messages stating why auto >> re-authn is unavailable. *Will this feature be supported on all six >> Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android >> WebView)? >> >> >> *NoSimilar to FedCM API, we expect the feature to be available on all >> platforms (Windows, Mac, Linux, ChromeOS and Android) except WebView.*Is >> this feature fully tested by web-platform-tests >> <https://chromium.googlesource.com/chromium/src/+/master/docs/testing/web_platform_tests.md> >> ? >> >> *Yes >> <http://third_party/blink/web_tests/external/wpt/credential-management/fedcm-network-requests.https.html>. >> (we’re >> still working on making tests behave as intended on WPT.fyi)* >> Flag name >> >> >> *chrome://flags/#fedcm-auto-re-authn*Requires code in //chrome? >> >> >> *True*Tracking bug >> >> >> *You can track our progress here:https://crbug.com/1304404 >> <https://crbug.com/1304404>*Launch bug >> >> >> *https://launch.corp.google.com/launch/4229781 >> <https://launch.corp.google.com/launch/4229781>*Estimated milestones >> >> >> *M112*Link to entry on the Chrome Platform Status >> >> https://chromestatus.com/feature/5108344837111808 >> >> -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CACh2XCOe7JGRnHpTbufdypNJmpNU_HMSxvSyGOnqTB1DX3Asaw%40mail.gmail.com.
