On Fri, Jan 26, 2024 at 5:07 AM 'Yifan Luo' via blink-dev < [email protected]> wrote:
> Contact [email protected], [email protected] > > Explainer > https://github.com/WICG/private-network-access/blob/main/permission_prompt/explainer.md > > Specificationhttps://wicg.github.io/private-network-access > > Design docs > > https://docs.google.com/document/d/1Q18g4fZoDIYQ9IuxlZTaItgkzfiz_tCqaEAI8J3Y1WY/edit > > https://github.com/WICG/private-network-access/blob/main/permission_prompt/security_privacy_self_review.md > > Summary > > In order to establish connections to devices on a local network that do > not have globally unique names, and therefore cannot obtain TLS > certificates, this feature introduces a new option to `fetch()` to declare > a developers' intent to talk to such a device, a new policy-controlled > feature to gate each sites' access to this capability, and new headers for > the server's preflight response to provide additional metadata. > > > Blink componentBlink>SecurityFeature>CORS>PrivateNetworkAccess > <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3ESecurityFeature%3ECORS%3EPrivateNetworkAccess> > > TAG reviewhttps://github.com/w3ctag/design-reviews/issues/751 > > TAG review statusIssues addressed > > Chromium Trial NamePrivateNetworkAccessPermissionPrompt > > Origin Trial documentation link > https://github.com/WICG/private-network-access/blob/main/permission_prompt/explainer.md > > WebFeature UseCounter namekPrivateNetworkAccessPermissionPrompt > > Risks > > > Interoperability and Compatibility > > > > *Gecko*: No signal > > *WebKit*: No signal > Could you file RFPs for this? > > *Web developers*: Positive ( > https://github.com/WICG/private-network-access/issues/23) > > *Other signals*: > > Ergonomics > > This new feature requires users to click on the new permission. This may > lead users to spamming on some websites. However, this is an intentional > move to encourage the websites to provide security context. The origin > trial also aimed to measure the frequency of users getting the permissions. > Apologies if I missed this, but is there a document somewhere summarizing the OT findings? > > > Activation > > No. This feature attempt to bring developers an easier way to restrict > Private Network Access with secure context. > > > Security > > This is a security positive feature. > > > WebView application risks > > Does this intent deprecate or change behavior of existing APIs, such that > it has potentially high risk for Android WebView-based applications? > > None > > > Debuggability > > Relevant information (client and resource IP address space) is already > piped into the DevTools network panel. We’ll likely also represent the > permission state in the settings pages. > > > Will this feature be supported on all six Blink platforms (Windows, Mac, > Linux, ChromeOS, Android, and Android WebView)?No > > Mac, Windows, Linux, Chrome OS, Fuchsia, Android, WebLayer. Not Android > WebView because of the absence of deprecation trial integration (though > that may be changing soon, see https://crbug.com/1308425). Not iOS > because this requires changes in Blink and the network service, neither of > which are used on iOS. > > > Is this feature fully tested by web-platform-tests > <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> > ?No > > > https://wpt.fyi/results/fetch/private-network-access/mixed-content-fetch.tentative.https.window.html?label=master&label=experimental&aligned&q=private-network-access > > > > Flag name on chrome://flags > > Finch feature nameNone > > Non-finch justificationNone > Does this mean the feature is not flag guarded, or is this just an omission in chromestatus? > > > > Requires code in //chrome?True > > Tracking bughttps://crbug.com/1338439 > > Sample links > > https://drive.google.com/file/d/1pnyQfIsXdtJnZoCBVSt4xim0yXjZ0Aqc/view?usp=sharing > > Estimated milestones > Shipping on desktop 123 > OriginTrial desktop last 122 > OriginTrial desktop first 120 > DevTrial on desktop 120 > > Anticipated spec changes > > Open questions about a feature may be a source of future web compat or > interop issues. Please list open issues (e.g. links to known github issues > in the project for the feature specification) whose resolution may > introduce web compat/interop risk (e.g., changing to naming or structure of > the API in a non-backward-compatible way). > None > > Link to entry on the Chrome Platform Status > https://chromestatus.com/feature/5954091755241472 > > Links to previous Intent discussionsIntent to prototype: > https://groups.google.com/a/chromium.org/g/blink-dev/c/6MczoSFGiHo/m/IigYuhu7AwAJ > Intent > to Experiment: > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAG-zKU_ZS1ibT9H7e5UmoUF2OfCUq5ocsDHaCoJ2rShmPmAejQ%40mail.gmail.com > > > This intent message was generated by Chrome Platform Status > <https://chromestatus.com/>. > > -- > Yifan > > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAG-zKU9p9dAurzeZfAEmFhBRmwz42_tJpnCVf_nmHox5zwzY0A%40mail.gmail.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAG-zKU9p9dAurzeZfAEmFhBRmwz42_tJpnCVf_nmHox5zwzY0A%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADsXd2P4BauiSWdE0piAq3ZCBFC1veQcNMD5xs080vxj0FWkNw%40mail.gmail.com.
