LGTM3

________________________________
From: Mike Taylor <[email protected]>
Sent: Monday, October 6, 2025 4:09 PM
To: Alex Russell <[email protected]>; blink-dev <[email protected]>
Cc: Reilly Grant <[email protected]>; Zgroza (Luke) Klimek <[email protected]>
Subject: [EXTERNAL] Re: [blink-dev] Intent to Ship: Web Smart Card API

LGTM2 (thanks for the very well-written explainer, btw).

On 10/6/25 2:19 p.m., Alex Russell wrote:

LGTM1

On Thursday, October 2, 2025 at 12:57:05 PM UTC-7 Reilly Grant wrote:

LGTM as an IWA OWNER (3x LGTM from Blink API OWNERS are still required according to the IWA-specific API launch process<https://www.chromium.org/blink/launching-features/isolated-web-apps/>).

Similar to Unrestricted WebUSB, this API is granting access to devices which we've made an explicit decision not to give to normal web sites. The additional integrity provided by IWAs allows us to make a meaningful decision that if access is granted to an app then the app's behavior is well-known and cannot be compromised by common attack vectors.

This API exists to support specific, mainly enterprise-focused, use cases. On the broader web device-based authentication solutions such as WebAuthn are more appropriate.

Reilly Grant | Software Engineer | [email protected] | Google Chrome<https://www.google.com/chrome>

On Thu, Oct 2, 2025 at 6:39 AM Luke Klimek <[email protected]> wrote:

Contact emails
[email protected], [email protected]

Explainer
https://github.com/WICG/web-smart-card/blob/main/README.md

Specification
https://wicg.github.io/web-smart-card

Summary
Enables smart card (PC/SC) applications to move to the Web platform. It gives them access to the PC/SC implementation (and card reader drivers) available in the host OS. Administrators can control the availability of this API either:
* Globally—using the DefaultSmartCardConnectSetting policy.
* Per-application—using the SmartCardConnectAllowedForUrls and SmartCardConnectBlockedForUrls policies.

Blink component
Blink>SmartCard<https://issues.chromium.org/issues?q=customfield1222907:%22Blink%3ESmartCard%22>

Web Feature ID
None

TAG review
This is an IWA-only API, and TAG has made it clear recently that they don't want to review IWA-related stuff.
Relevant statement: https://github.com/w3ctag/design-reviews/issues/842#issuecomment-2917031448

TAG review status
Not applicable

Risks

Interoperability and Compatibility
Other browsers may choose to implement this API, that is however dependent on adoption of the Isolated Web Apps as a whole.

Gecko: No signal

WebKit: No signal

Web developers: Positive (https://github.com/WICG/web-smart-card/issues/43)

Other signals:

Security
https://github.com/WICG/web-smart-card?tab=readme-ov-file#security-and-privacy-considerations
https://wicg.github.io/web-smart-card/#security-privacy

This is a highly security-sensitive API. This is why it is currently being guarded behind:
1. Isolated Web App installation (and also declaration of the `smart-card` permission policy in the manifest).
2. Fine-grained user-facing permission mechanism that gives the end user control over the most privacy-sensitive moments (connection to a smart card reader).

For more context on the permissions design and how it interacts with Chrome UI and enterprise policy see go/web-smart-card-api-permissions<http://goto.google.com/web-smart-card-api-permissions> (sorry, Googlers-only).

WebView application risks
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
None.

Debuggability
The code using this API can be debugged using the standard tools. Potential future improvement would be a new CDP domain to allow mocking system PC/SC to not rely on actual hardware. More design explorations at go/web-smart-card-api-cdp<http://goto.google.com/web-smart-card-api-cdp>, sorry, Googlers-only. Complexity of this endeavour however makes us defer this at least until cross-platform launch. This is a part of a broader effort to add WPTs to this feature: https://crbug.com/40275258

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)?
No.
Underlying implementation highly depends on the system native PC/SC stack. ChromeOS is the first platform implemented. Also, IWAs themselves are not currently launched anywhere else.

Is this feature fully tested by web-platform-tests<https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
No. WPT does not support IWA test environments. Once that support is available, we can investigate adding IWA-focused WPT tests. Also, implementation also is highly complex, as the API depends on communication with the native system PC/SC and actual hardware. Future WPT implementation, tentatively planned for the cross-platform launch is tracked here: https://crbug.com/40275258

DevTrial instructions
https://github.com/WICG/web-smart-card/blob/main/HOWTO.md

Flag name on about://flags
enable-smart-card-web-api

Finch feature name
SmartCard

Rollout plan
Will ship enabled for all users

Requires code in //chrome?
True

Tracking bug
https://bugs.chromium.org/p/chromium/issues/detail?id=1386175

Launch bug
https://launch.corp.google.com/launch/4234437

Measurement
UseCounters:
1. SmartCardEstablishContext: Entry point to the API overall.
2. SmartCardConnect: Entry point to actually using API for communication with smart card readers.

Availability expectation
API is available only in Chromium browsers for the foreseeable future—no other browser engine has yet displayed interest in implementing Isolated Web Apps, which are a prerequisite to this API. Initially API will be available on ChromeOS only, with intent to implement it elsewhere later (as Isolated Web Apps are launched on other platforms).

Adoption expectation
Expected to be used initially by a small number of developers inside Isolated Web Apps.

Adoption plan
Working directly with developers that are planning to rely on the API.

Non-OSS dependencies
Does the feature depend on any code or APIs outside the Chromium open source repository and its open-source dependencies to function?
Yes.
This API depends on the system-specific PC/SC implementation, as it is essentially a proxy to it. For the initial launch on ChromeOS, this extension is the sample provider that should be installed in Chrome for the API to function: https://github.com/GoogleChromeLabs/chromeos_smart_card_connector On the other platforms, we will probably add new dependencies (PCSC on Windows and PC/SC lite elsewhere) to the Chromium project itself.

Sample links
https://github.com/GoogleChromeLabs/web-smartcard-demo

Estimated milestones
Shipping on desktop 143
DevTrial on desktop 141

Anticipated spec changes
Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
None.

Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/6411735804674048?gate=4552874575527936

Links to previous Intent discussions
Intent to Prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CA%2BenBd9j9Ucy-BKqfQSk9hZxVG6-qm4H6X3%3DxT9U86KpiOpKeA%40mail.gmail.com

This intent message was generated by Chrome Platform Status<https://chromestatus.com/>.

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CANLtwd0PyL0BsedCr%3Do3%2BXoTRHFRi5O9t9wygwDe_7vf9OhKNQ%40mail.gmail.com.
