Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread Tom Jones
The W3C document you referenced is about privacy principles. Ecosystems do not have privacy, people have privacy. The snippet below is from the document and should make it very clear that your document is not in compliance with privacy principles. If you do not correct this document, i am sure

Re: [blink-dev] Intent to Experiment: X25519Kyber768 key encapsulation for TLS

2023-09-08 Thread David Benjamin
On Fri, Sep 8, 2023 at 4:16 PM 'David Adrian' via blink-dev < blink-dev@chromium.org> wrote: > > LGTM to experiment from M117 - M118 inclusive. I think that's what > you're asking for - please let me know if I'm reading this incorrectly. > Good luck! > > Thank you! > > > Any pointers to learn

[blink-dev] IP Protection feature status

2023-09-08 Thread David Dabbs
Hello. IP Protection feature card indicates *No active development*. But there are issues underway, some requesting merge into M118 as "part of the

Re: [blink-dev] Re: Intent to Deprecate and Remove Web SQL

2023-09-08 Thread 'Panos Astithas' via blink-dev
Hi Guillem, The page load limit only applies to trials that introduce new features, not deprecation trials like this one that remove a feature. Apologies for the confusion. Thanks, Panos On Thu, Sep 7, 2023 at 10:29 AM 'Guillem Olivé' via blink-dev < blink-dev@chromium.org> wrote: > Hi, > > I

Re: [blink-dev] Intent to Experiment: X25519Kyber768 key encapsulation for TLS

2023-09-08 Thread 'David Adrian' via blink-dev
> LGTM to experiment from M117 - M118 inclusive. I think that's what you're asking for - please let me know if I'm reading this incorrectly. Good luck! Thank you! > Any pointers to learn more about this possible compat problem? The basic issue is that the Kyber key exchange pushes the

Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread 'Jeffrey Yasskin' via blink-dev
Transparency serves a bunch of different goals, as described in https://w3ctag.github.io/privacy-principles/#transparency, and the most valuable aren't always to give an end-user more information while they're trying to make a decision. I think the explainer is clear enough in saying that its goal

Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread Tom Jones
so explain to me how you can claim transparency? ..tom On Fri, Sep 8, 2023 at 12:26 PM Shivani Sharma wrote: > > > On Fri, Sep 8, 2023 at 2:51 PM Tom Jones > wrote: > >> This statement is under non goals. So I think you need to change that or >> remove the claim of transparency. >> > This is

Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread Shivani Sharma
On Fri, Sep 8, 2023 at 2:51 PM Tom Jones wrote: > This statement is under non goals. So I think you need to change that or > remove the claim of transparency. > This is specifically about whether the end user can see the result of attestation of a given site "in the browser", which at this time

Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread Tom Jones
This statement is under non goals. So I think you need to change that or remove the claim of transparency. thx ..Tom (mobile) On Fri, Sep 8, 2023, 11:06 AM Shivani Sharma wrote: > > > On Fri, Sep 8, 2023 at 12:55 PM Tom Jones > wrote: > >> I cannot understand how it is possible to claim

Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread Shivani Sharma
On Fri, Sep 8, 2023 at 12:55 PM Tom Jones wrote: > I cannot understand how it is possible to claim transparency with the > following explanation. It seems completely misleading. > > Today, the attestation model does not seek to provide information to users > within the browser or device in

[blink-dev] Intent to Ship: Payment handler minimal header UX

2023-09-08 Thread Rouslan Solomakhin
*Contact emails*nbur...@chromium.org *Explainer* https://crbug.com/1385136 - see comment 14 for screenshot *Specification* Not applicable *Design docs* (Google internal only, sorry):

Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread Tom Jones
I cannot understand how it is possible to claim transparency with the following explanation. It seems completely misleading. Today, the attestation model does not seek to provide information to users within the browser or device in real-time about a developer's attestations thx ..Tom (mobile)

Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread Shivani Sharma
On Fri, Sep 8, 2023 at 10:43 AM Chris Harrelson wrote: > Also: is there a chromestatus.com entry for this feature? > Yes, https://chromestatus.com/feature/5190179073032192 > > On Fri, Sep 8, 2023 at 7:39 AM Chris Harrelson > wrote: > >> LGTM2 conditioned on the spec PRs landing (some are still

Re: [blink-dev] Intent to Deprecate and Remove: Dangling markup in target name

2023-09-08 Thread Chris Harrelson
LGTM2 On Fri, Sep 8, 2023 at 7:04 AM Mike Taylor wrote: > LGTM1 to ship. Risk seems very low (and worth it, given security > improvements), but thanks for adding a runtime enabled feature. > On 9/7/23 12:44 AM, 'Jun Kokatsu' via blink-dev wrote: > > Contact emails > > jkoka...@google.com > >

Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread Chris Harrelson
Also: is there a chromestatus.com entry for this feature? On Fri, Sep 8, 2023 at 7:39 AM Chris Harrelson wrote: > LGTM2 conditioned on the spec PRs landing (some are still open). > > On Fri, Sep 8, 2023 at 6:02 AM Mike Taylor wrote: > >> On 9/7/23 6:06 PM, Shivani Sharma wrote: >> >> On

Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread Chris Harrelson
LGTM2 conditioned on the spec PRs landing (some are still open). On Fri, Sep 8, 2023 at 6:02 AM Mike Taylor wrote: > On 9/7/23 6:06 PM, Shivani Sharma wrote: > > On Friday, September 1, 2023 at 6:20:34 PM UTC-4 Mike Taylor wrote: > > Thanks. One last question here: how confident are y'all that

Re: [blink-dev] Intent to Deprecate and Remove: Dangling markup in target name

2023-09-08 Thread Mike Taylor
LGTM1 to ship. Risk seems very low (and worth it, given security improvements), but thanks for adding a runtime enabled feature. On 9/7/23 12:44 AM, 'Jun Kokatsu' via blink-dev wrote: Contact emails jkoka...@google.com Specification

[blink-dev] PSA: Extending Storage Access API (SAA) to non-cookie storage Explainer

2023-09-08 Thread Ari Chivukula
*Contact Emails* aric...@chromium.org, hele...@google.com, johann...@chromium.org, wanderv...@chromium.org *Explainer* https://arichiv.github.io/saa-non-cookie-storage/ *Summary* To prevent certain types of cross-site tracking, storage and communication APIs in third party contexts are being

Re: [blink-dev] Intent to Ship: Enrollment for Privacy Sandbox

2023-09-08 Thread Mike Taylor
On 9/7/23 6:06 PM, Shivani Sharma wrote: On Friday, September 1, 2023 at 6:20:34 PM UTC-4 Mike Taylor wrote: Thanks. One last question here: how confident are y'all that consumers of these APIs are well-equipped for errors in case they don't enroll? Have you looked at any Privacy