Contact emails amal...@chromium.org
njeu...@chromium.org wanderv...@chromium.org Explainer https://github.com/explainers-by-googlers/3pcd-grace-period-opt-out Specification TBD Summary This proposal details a new mechanism for site developers to conduct a self-service staged opt-out of their third-party cookie phaseout grace period. This is intended primarily for Chrome’s active trials for third-party cookie deprecation - one for top-level sites <https://developers.google.com/privacy-sandbox/3pcd/temporary-exceptions/first-party-deprecation-trial> and one for embedded sites <https://developers.google.com/privacy-sandbox/3pcd/temporary-exceptions/third-party-deprecation-trial>. When a site is approved for one of these trials, they are added to a short-term grace period which mitigates breakage until the token is launched. Each site on the trial will specify their desired opt-out percentage in a new resource in their .well-known directory <https://datatracker.ietf.org/doc/html/rfc8615>, specified here <https://github.com/explainers-by-googlers/3pcd-deprecation-trial-staged-rollout/blob/main/well-known-specification.md>. Google will implement server infrastructure to fetch and update these values on a schedule, and assign clients randomly to cohorts matching this percentage. These cohorts persist for a client up until clearing site storage or reinstalling the browser. Blink component Privacy <https://b.corp.google.com/components/1457231> Motivation Currently, developers can use a local testing setup <https://developers.google.com/privacy-sandbox/3pcd/prepare/test-for-breakage> to test the launch of their deprecation trial token, or other privacy-preserving API, by disabling the grace period. However, the site has no global control over the grace period - it is impossible to run a production test, or staged opt-out, without coordinating closely with Chrome. The system of defining and fetching the well-known resource allows sites to adjust their opt-out percentage (or ramp down completely if an issue is found) with minimal latency and communication turnover. Initial public proposal N/A Search tags third-party cookie deprecation <https://chromestatus.com/feature/5133113939722240> TAG review N/A TAG review status N/A Risks There aren’t inherent security implications for fetching external resources using server-side infrastructure, but there is a risk of fetching bad data, which our implementation addresses. There are also privacy implications for randomly assigning clients to cohorts, which we mitigate by clearing cohorts on site data deletion. There is also a risk that the fetching system fails or that a site loses access to its .well-known resource, both cases which we have planned mitigations for. Interoperability and Compatibility The third-party cookie deprecation trials are a Chrome feature, so these new .well-known resources will only be fetched by the Chrome browser. The new resource will be distinct and will not interfere with any existing resources used by other browsers or features. This approach may be used to address a similar need in the future (self-service restriction from an origin or deprecation trial), although it would also require a new resource spec. Debuggability N/A Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> ? No Flag name base::features::TpcdMetadataStageControl Requires code in //chrome? No. All code for the grace period and new staged opt-out handling is in //components/tpcd/metadata <https://source.chromium.org/chromium/chromium/src/+/main:components/tpcd/metadata/> . Tracking bug https://issuetracker.google.com/331957180 Link to entry on the Chrome Platform Status https://chromestatus.com/feature/5205350707101696 -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAODhGg4aS1JfDM_yDo8wyh8Jq_tCtSy3ReOCLQ5nOO9kWG-srw%40mail.gmail.com.