LGTM to experiment from 126 to 127 inclusive.

On 5/7/24 10:52 AM, Chris Fredrickson wrote:

Contact emails
johann...@chromium.org, cfred...@chromium.org, y...@chromium.org

Explainer
https://github.com/explainers-by-googlers/storage-access-for-fedcm

Specification
None (TBD)

Summary
Reconciles the FedCM and Storage Access APIs by making a prior FedCM
grant a valid reason to automatically approve a storage access request.
When a user grants permission for using their identity with a 3rd
party Identity Provider (IdP) on a Relying Party (RP), many IdPs
require third-party cookies to function correctly and securely. This
proposal aims to satisfy that requirement in a private and secure
manner by updating the Storage Access API (SAA) permission checks to
not only accept the permission grant that is given by a storage access
prompt, but also the permission grant that is given by a FedCM prompt.
A key property of this mechanism is limiting the grant to cases
explicitly allowed by the RP via the FedCM permissions policy,
enforcing a per-frame control for the RP and preventing passive
surveillance by the IdP beyond the capabilities that FedCM already
grants, as outlined in the Privacy Considerations
<https://github.com/explainers-by-googlers/storage-access-for-fedcm?tab=readme-ov-file#privacy-considerations>.

Blink component
Blink>StorageAccessAPI

TAG review
None

TAG review status
N/A

Risks

Interoperability and Compatibility
None

Gecko: No public signals, positive initial signals
<https://docs.google.com/document/d/1jxqW4kvGdclIWsOlWMXWLGpwu1wOorST2Ol6vJKAjDE/edit#heading=h.y0ecc5cfr86n>.
We will request a formal position.

WebKit: No signal. We will request a formal position.

Web developers: Positive <https://github.com/fedidcg/FedCM/issues/467>

Other signals:

WebView application risks
Does this intent deprecate or change behavior of existing APIs, such
that it has potentially high risk for Android WebView-based applications?
N/A, not shipping on Android WebView.

Goals for experimentation
Evaluate the implementation, and the usability of the feature to
ensure it adequately solves the problem.

Ongoing technical constraints
None

Debuggability
None

Will this feature be supported on all six Blink platforms (Windows,
Mac, Linux, ChromeOS, Android, and Android WebView)?
No. It will not be supported in Android WebView.

Is this feature fully tested by web-platform-tests?
No. The implementation is primarily in permissions code in //chrome,
which cannot be tested in WPTs since WPTs use a fake permission
manager
<https://crsrc.org/c/content/web_test/browser/web_test_permission_manager.h;drc=33b441e83b1f70381158fcafb0ecde9168b79524;l=28>
in Chromium.

Flag name on chrome://flags
#fedcm-with-storage-access-api

Finch feature name
FedCmWithStorageAccessAPI

Non-finch justification
None

Requires code in //chrome?
True

Estimated milestones
M126 through M127 (inclusive).

Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/5116478702747648

Links to previous Intent discussions
Intent to prototype:
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAD_OO4iogs7O60r0YcVnDB5aCvs9WUYjWFcuHqcFi5bXLRBOig%40mail.gmail.com

This intent message was generated by Chrome Platform Status.
--
You received this message because you are subscribed to the Google
Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to blink-dev+unsubscr...@chromium.org.
To view this discussion on the web visit
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/9a75fe74-ca55-4ddc-93d7-120adfdee49en%40chromium.org
<https://groups.google.com/a/chromium.org/d/msgid/blink-dev/9a75fe74-ca55-4ddc-93d7-120adfdee49en%40chromium.org?utm_medium=email&utm_source=footer>.