Hugo: no, we are still examining metrics and evaluating. I will post to this thread when I have updates.
David: Yes, this implementation consumes the JSON blob from https://github.com/GoogleChrome/first-party-sets via Component Updater. (There's also an enterprise policy <https://chromeenterprise.google/policies/#FirstPartySetsOverrides> that can be used to configure enterprise-internal sets.) On Wednesday, June 21, 2023 at 2:01:44 PM UTC-4 dad...@google.com wrote: > Is this I2S still using the externally managed JSON blob to identify first > party sets, and shipping via Component Updater, i.e. there is not yet a > dynamic way to specify First-Party Sets? > > On Tue, Jun 20, 2023 at 9:35 AM 'Hugo Bärtges' via blink-dev < > blink-dev@chromium.org> wrote: > >> Have we reached the planned 100% of Chrome users by June 16th? >> >> On Wednesday, May 31, 2023 at 4:02:25 PM UTC+2 Andrey Lipattsev wrote: >> >>> Sweet, thanks Chris! >>> >>> On Tuesday, 30 May 2023 at 16:36:34 UTC+2 Chris Fredrickson wrote: >>> >>>> Hi Andrey, >>>> >>>> We're still collecting metrics at 1%. We want to be sure that this >>>> feature does not regress core web vitals <https://web.dev/vitals/>, >>>> which is why we're taking our time and analyzing thoroughly. I will post >>>> here when we roll out to 100% (which I expect to be soon, within the next >>>> week or so -- if all continues to go well). >>>> >>>> On Tuesday, May 30, 2023 at 8:57:20 AM UTC-4 Andrey Lipattsev wrote: >>>> >>>>> How far along is this now? Are we at 100%? >>>>> >>>>> On Wednesday, 17 May 2023 at 21:11:35 UTC+2 Chris Fredrickson wrote: >>>>> >>>>>> Thanks all. Just an update - we're rolling First-Party Sets out to 1% >>>>>> on Chrome M113 Stable now, and plan to ramp up to 100% over the next few >>>>>> weeks (barring metrics regressions). >>>>>> >>>>>> On Friday, April 7, 2023 at 12:45:41 PM UTC-4 Mike Taylor wrote: >>>>>> >>>>>>> After re-reading the spec, explainer, related discussions, and >>>>>>> related prior art over the past week or so, I believe that First Party >>>>>>> Sets >>>>>>> solves important use cases, especially in a post-third-party cookie >>>>>>> world. >>>>>>> >>>>>>> LGTM3. >>>>>>> On 4/7/23 11:36 AM, Yoav Weiss wrote: >>>>>>> >>>>>> Given the above, LGTM2 >>>>>>> >>>>>>> On Wed, Apr 5, 2023 at 5:57 PM Alex Russell <sligh...@chromium.org> >>>>>>> wrote: >>>>>>> >>>>>>> Per today's OWNERS meeting, Daniel raised the point that we need a >>>>>>>> place to approve/dispose the overall FPS direction rather than the >>>>>>>> smaller >>>>>>>> point features, so for that reason I'm going to LGTM1 this here >>>>>>>> (contra >>>>>>>> Yoav's previous message). >>>>>>>> >>>>>>>> Best, >>>>>>>> >>>>>>>> Alex >>>>>>>> >>>>>>>> On Friday, March 31, 2023 at 8:31:10 AM UTC-7 Chris Harrelson wrote: >>>>>>>> >>>>>>> Hi Martin, >>>>>>>>> >>>>>>>>> On Fri, Mar 31, 2023 at 12:32 AM Martin Thomson <m...@mozilla.com> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> As long as FPS affects how the web operates in any way, it should >>>>>>>>>> be subject to standardization and - I would expect - the same review >>>>>>>>>> as any >>>>>>>>>> other feature. >>>>>>>>>> >>>>>>>>> >>>>>>>>> With the plan Yoav is suggesting, the Blink API owners would still >>>>>>>>> review it carefully, but in the context of the other intents that >>>>>>>>> involve >>>>>>>>> web-exposed behavior. In the end, which email we reply to is a >>>>>>>>> technicality; either way, we'll review the entire feature set. >>>>>>>>> >>>>>>>>> On Wed, Mar 29, 2023 at 6:44 PM Yoav Weiss <yoav...@chromium.org> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>> Thanks for filing this intent. I agree with your analysis that >>>>>>>>>>> it's not directly web-exposed, and as such, I don't think LGTMs are >>>>>>>>>>> required (but still appreciate the intent as required context for >>>>>>>>>>> rSA and >>>>>>>>>>> rSAF). >>>>>>>>>>> We'll see if other API owners disagree. >>>>>>>>>>> >>>>>>>>>>> On Mon, Mar 20, 2023 at 10:31 PM Johann Hofmann < >>>>>>>>>>> joha...@chromium.org> wrote: >>>>>>>>>>> >>>>>>>>>> Contact emails >>>>>>>>>>>> >>>>>>>>>>>> cfre...@chromium.org, shu...@chromium.org, >>>>>>>>>>>> kaust...@chromium.org, joha...@chromium.org >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>> Explainer >>>>>>>>>>>> >>>>>>>>>>>> https://github.com/WICG/first-party-sets >>>>>>>>>>>> >>>>>>>>>>>> Specification >>>>>>>>>>>> >>>>>>>>>>>> https://wicg.github.io/first-party-sets >>>>>>>>>>>> >>>>>>>>>>>> Design docs >>>>>>>>>>>> >>>>>>>>>>>> First-Party Sets: Initial prototype description >>>>>>>>>>>> <https://docs.google.com/document/d/1Lbvn3Wt664AhWA-UytjGEi7UcRMhrR4trUWEi2ieUkE/edit#heading=h.t7ybo54eelkd> >>>>>>>>>>>> >>>>>>>>>>>> First-Party Sets Prototype Design Doc >>>>>>>>>>>> <https://docs.google.com/document/d/16m5IfppdmmL-Zwk9zW8tJD4iHTVGJOLRP7g-QwBwX5c/edit?usp=sharing> >>>>>>>>>>>> >>>>>>>>>>>> Summary >>>>>>>>>>>> >>>>>>>>>>>> First-Party Sets (“FPS”) provides a framework for developers to >>>>>>>>>>>> declare relationships among sites, to enable limited cross-site >>>>>>>>>>>> cookie >>>>>>>>>>>> access for specific, user-facing purposes. This is facilitated >>>>>>>>>>>> through the >>>>>>>>>>>> use of the Storage Access API >>>>>>>>>>>> <https://github.com/privacycg/storage-access> and >>>>>>>>>>>> requestStorageAccessFor >>>>>>>>>>>> <https://github.com/privacycg/requestStorageAccessForOrigin/> >>>>>>>>>>>> API. >>>>>>>>>>>> >>>>>>>>>>>> The First-Party Sets proposal that we intend to ship >>>>>>>>>>>> significantly differs from its originally proposed design, as we >>>>>>>>>>>> have >>>>>>>>>>>> incorporated feedback from various stakeholders. An overview of >>>>>>>>>>>> what >>>>>>>>>>>> changed and why can be found here >>>>>>>>>>>> <https://developer.chrome.com/docs/privacy-sandbox/first-party-sets-evolution/> >>>>>>>>>>>> . >>>>>>>>>>>> >>>>>>>>>>>> It’s important to note that because of its integration with the >>>>>>>>>>>> Storage Access API and requestStorageAccessFor, FPS is not a >>>>>>>>>>>> feature that >>>>>>>>>>>> is directly web-exposed. We still consider its overall impact on >>>>>>>>>>>> the web >>>>>>>>>>>> platform to be big enough to follow the blink launch process. >>>>>>>>>>>> >>>>>>>>>>>> We have submitted adjacent Intents to Ship both >>>>>>>>>>>> requestStorageAccess and requestStorageAccessFor. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Blink component >>>>>>>>>>>> >>>>>>>>>>>> Privacy >>>>>>>>>>>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Privacy> >>>>>>>>>>>> >>>>>>>>>>>> TAG review >>>>>>>>>>>> >>>>>>>>>>>> https://github.com/w3ctag/design-reviews/issues/342 >>>>>>>>>>>> >>>>>>>>>>>> TAG review status >>>>>>>>>>>> >>>>>>>>>>>> Pending >>>>>>>>>>>> >>>>>>>>>>>> Risks >>>>>>>>>>>> >>>>>>>>>>>> Interoperability and Compatibility >>>>>>>>>>>> >>>>>>>>>>>> This is not a breaking change. To use it, sites will need to >>>>>>>>>>>> opt in to using First-Party Sets. There is no change to existing >>>>>>>>>>>> behavior >>>>>>>>>>>> for sites not opting in to First-Party Sets. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Gecko: Negative ( >>>>>>>>>>>> https://github.com/mozilla/standards-positions/issues/350) >>>>>>>>>>>> >>>>>>>>>>>> WebKit: Negative ( >>>>>>>>>>>> https://github.com/WebKit/standards-positions/issues/93) >>>>>>>>>>>> >>>>>>>>>>>> Web developers: Positive. FPS has been extensively discussed >>>>>>>>>>>> during its incubation in the Privacy CG and the WICG. Throughout >>>>>>>>>>>> this >>>>>>>>>>>> discussion we've consistently seen great interest and >>>>>>>>>>>> participation by web >>>>>>>>>>>> developers. >>>>>>>>>>>> >>>>>>>>>>>> - >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> https://developer.chrome.com/docs/privacy-sandbox/first-party-sets-evolution/#working-with-the-ecosystem >>>>>>>>>>>> - >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> https://lists.w3.org/Archives/Public/public-privacycg/2022Jun/0031.html >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Other signals: Edge: Positive. Microsoft has been “generally >>>>>>>>>>>> supportive of the effort” >>>>>>>>>>>> <https://github.com/privacycg/meetings/blob/main/2020/telcons/12-10-minutes.md> >>>>>>>>>>>> >>>>>>>>>>>> since 2020 and had a co-editor on the spec for a while. Edge, in >>>>>>>>>>>> conversations, has confirmed their intent to support FPS after it >>>>>>>>>>>> ships in >>>>>>>>>>>> Chrome. Through the component updater the FPS list should be >>>>>>>>>>>> available to >>>>>>>>>>>> Edge. We will work with the Edge team to make sure that they can >>>>>>>>>>>> potentially host their own version of the (same) list and to >>>>>>>>>>>> ensure >>>>>>>>>>>> cooperation on managing the list. >>>>>>>>>>>> >>>>>>>>>>>> Ergonomics >>>>>>>>>>>> >>>>>>>>>>>> Use of the Storage Access API requires sites to run JavaScript >>>>>>>>>>>> before they can access their cookies. No performance concerns. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Activation >>>>>>>>>>>> >>>>>>>>>>>> Site owners will need to register their first-party sets in a >>>>>>>>>>>> public process, categorizing their usage in subsets and passing a >>>>>>>>>>>> number of >>>>>>>>>>>> technical checks, such as verifying ownership with a /.well-known/ >>>>>>>>>>>> file. >>>>>>>>>>>> The submission guidelines and checks are described in full detail >>>>>>>>>>>> on >>>>>>>>>>>> https://github.com/GoogleChrome/first-party-sets/blob/main/FPS-Submission_Guidelines.md >>>>>>>>>>>> >>>>>>>>>>>> This feature is meant to allow developers to preserve critical >>>>>>>>>>>> use cases (e.g., shared infrastructure across ccTLDs, service >>>>>>>>>>>> domains) >>>>>>>>>>>> when Chrome deprecates third-party cookies. As such, it will >>>>>>>>>>>> provide only >>>>>>>>>>>> limited utility right now, but give developers an important head >>>>>>>>>>>> start in >>>>>>>>>>>> testing and preparing their sites for the upcoming deprecation. >>>>>>>>>>>> >>>>>>>>>>>> FPS will require usage of the Storage Access API and/or >>>>>>>>>>>> requestStorageAccessFor >>>>>>>>>>>> API to have a web-observable effect. This improves >>>>>>>>>>>> cross-browser compatibility (for Storage Access API) but might >>>>>>>>>>>> come with >>>>>>>>>>>> some migration cost for developers that were previously relying on >>>>>>>>>>>> passive >>>>>>>>>>>> cookie access without JavaScript calls. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Security >>>>>>>>>>>> >>>>>>>>>>>> None >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> WebView application risks >>>>>>>>>>>> >>>>>>>>>>>> Does this intent deprecate or change behavior of existing APIs, >>>>>>>>>>>> such that it has potentially high risk for Android WebView-based >>>>>>>>>>>> applications? >>>>>>>>>>>> >>>>>>>>>>>> No >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Debuggability >>>>>>>>>>>> >>>>>>>>>>>> We show a DevTools warning when third-party cookies are blocked >>>>>>>>>>>> and the top-level site is in the same First-Party Set as the >>>>>>>>>>>> embedded site. >>>>>>>>>>>> Further developer tooling will likely be needed to support the >>>>>>>>>>>> eventual >>>>>>>>>>>> deprecation of third-party cookies. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Will this feature be supported on all six Blink platforms >>>>>>>>>>>> (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)? >>>>>>>>>>>> >>>>>>>>>>>> No. This will be supported on Windows, Mac, Linux, Chrome OS, >>>>>>>>>>>> and Android, but will not initially be supported on Android >>>>>>>>>>>> WebView. The >>>>>>>>>>>> First-Party Set information is consumed only by Chrome's >>>>>>>>>>>> implementation of >>>>>>>>>>>> the Storage Access API, which is not implemented in Android >>>>>>>>>>>> WebView. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Is this feature fully tested by web-platform-tests >>>>>>>>>>>> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >>>>>>>>>>>> ? >>>>>>>>>>>> >>>>>>>>>>>> No WPTs, as this isn't directly exposed to web content. Both >>>>>>>>>>>> rSA and rSAFor (through which this is exposed) have WPTs. >>>>>>>>>>>> >>>>>>>>>>>> Flag name >>>>>>>>>>>> >>>>>>>>>>>> FirstPartySets >>>>>>>>>>>> >>>>>>>>>>>> Requires code in //chrome? >>>>>>>>>>>> >>>>>>>>>>>> True >>>>>>>>>>>> >>>>>>>>>>>> Launch bug >>>>>>>>>>>> >>>>>>>>>>>> https://bugs.chromium.org/p/chromium/issues/detail?id=1175191 >>>>>>>>>>>> >>>>>>>>>>>> Estimated milestones >>>>>>>>>>>> >>>>>>>>>>>> Shipping in M113. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Anticipated spec changes >>>>>>>>>>>> >>>>>>>>>>>> We don't expect backwards-incompatible changes to the general >>>>>>>>>>>> mechanics and web platform integration of FPS. We may improve the >>>>>>>>>>>> policy >>>>>>>>>>>> and technical checks of the submission process. To help with this, >>>>>>>>>>>> submitters should expect that sets will be subject to expiration >>>>>>>>>>>> and / or >>>>>>>>>>>> renewal requirements. >>>>>>>>>>>> >>>>>>>>>>>> Link to entry on the Chrome Platform Status >>>>>>>>>>>> >>>>>>>>>>>> https://chromestatus.com/feature/5640066519007232 >>>>>>>>>>>> >>>>>>>>>>>> Links to previous Intent discussions >>>>>>>>>>>> >>>>>>>>>>>> Intent to prototype: >>>>>>>>>>>> https://groups.google.com/u/1/a/chromium.org/g/blink-dev/c/0EMGi-xbI-8/m/FgSjq6TtBwAJ >>>>>>>>>>>> >>>>>>>>>>>> Intent to Experiment: >>>>>>>>>>>> https://groups.google.com/u/1/a/chromium.org/g/blink-dev/c/XkWbQKrBzMg >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> This intent message was generated by Chrome Platform Status >>>>>>>>>>>> <https://chromestatus.com/>. >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>>>> Google Groups "blink-dev" group. >>>>>>>>>>>> >>>>>>>>>>> To unsubscribe from this group and stop receiving emails from >>>>>>>>>>>> it, send an email to blink-dev+...@chromium.org. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>> To view this discussion on the web visit >>>>>>>>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAD_OO4jfJ3tEbyWMX6RgJMFhhNe5t5aScd9kNerYMC8THe1-Sg%40mail.gmail.com >>>>>>>>>>>> >>>>>>>>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAD_OO4jfJ3tEbyWMX6RgJMFhhNe5t5aScd9kNerYMC8THe1-Sg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>>>>>>>> . >>>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>>> Google Groups "blink-dev" group. >>>>>>>>>>> >>>>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>>>>> send an email to blink-dev+...@chromium.org. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> To view this discussion on the web visit >>>>>>>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfVrFVLJ%3DUQ7H-4K2E7%2BcZev-hCWZSkfy1CZJ%3DeP%2B4qexg%40mail.gmail.com >>>>>>>>>>> >>>>>>>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfVrFVLJ%3DUQ7H-4K2E7%2BcZev-hCWZSkfy1CZJ%3DeP%2B4qexg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>>>>>>> . >>>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>> Google Groups "blink-dev" group. >>>>>>>>>> >>>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>>>> send an email to blink-dev+...@chromium.org. >>>>>>>>>> >>>>>>>>> To view this discussion on the web visit >>>>>>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAPLxc%3DWySgtAyOz07J6-Ot9%2BnHyVWDHS_VJHL3WdXA9r2SEAcw%40mail.gmail.com >>>>>>>>>> >>>>>>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAPLxc%3DWySgtAyOz07J6-Ot9%2BnHyVWDHS_VJHL3WdXA9r2SEAcw%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>>>>>> . >>>>>>>>>> >>>>>>>>> -- >>>>>>>> You received this message because you are subscribed to the Google >>>>>>>> Groups "blink-dev" group. >>>>>>>> >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>> send an email to blink-dev+...@chromium.org. >>>>>>> >>>>>>> >>>>>>>> To view this discussion on the web visit >>>>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/02233b55-3d98-438a-a4be-abb06e180ea3n%40chromium.org >>>>>>>> >>>>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/02233b55-3d98-438a-a4be-abb06e180ea3n%40chromium.org?utm_medium=email&utm_source=footer> >>>>>>>> . >>>>>>>> >>>>>>> -- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "blink-dev" group. >>>>>>> >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to blink-dev+...@chromium.org. >>>>>>> >>>>>>> To view this discussion on the web visit >>>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfUaOvSStxP9bJMChARXmurPdqh6NWuTyDWU9ohJJDtiZg%40mail.gmail.com >>>>>>> >>>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfUaOvSStxP9bJMChARXmurPdqh6NWuTyDWU9ohJJDtiZg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>>> . >>>>>>> >>>>>>> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> > To unsubscribe from this group and stop receiving emails from it, send an >> email to blink-dev+unsubscr...@chromium.org. >> To view this discussion on the web visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/6712b016-66d2-4f77-80e5-29e92512bd22n%40chromium.org >> >> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/6712b016-66d2-4f77-80e5-29e92512bd22n%40chromium.org?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/8570e23b-09ac-4870-b269-aa4ff57a31afn%40chromium.org.