[w3ctag/design-reviews] Partial freezing of the User-Agent string (#467) from Yoav Weiss on 2020-01-27 (public-webapps-github@w3.org from January 2020)

From: Yoav Weiss <notifications@github.com>
Date: Mon, 27 Jan 2020 06:03:25 -0800
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/467@github.com>
Goedenavond TAG!

This is not your typical spec review, and is highly related to https://github.com/w3ctag/design-reviews/issues/320. But, because @torgo asked nicely, I'm opening up a review for a specific application of UA-CH as a replacement for the `User-Agent` string.

We've had a lot of feedback on the [intent](https://groups.google.com/a/chromium.org/forum/m/#!msg/blink-dev/-2JIRNMWJ7s/yHe4tQNLCgAJ), which resulted in [changes](https://groups.google.com/a/chromium.org/d/msg/blink-dev/A4wxFpvqUfA/yBjL6B0QDgAJ) to the API we want to ship. It also resulted in many [open issues](https://github.com/WICG/ua-client-hints/issues). Most either have pending PRs or will have ones shortly.

The latest summary is:

* The `User-Agent` request header will be frozen other than its browser's significant version, and unified between different platforms and devices to reduce the amount of passive fingerprinting the browser is sending out by default.
* `navigator.userAgent` and friends will be similarly frozen.
* By default, the browser will send `Sec-CH-UA` and `Sec-CH-UA-Mobile` headers to enable most cases of content negotiation. As those headers are low-entropy, we can afford that trade-off, privacy-wise.
    * `Sec-CH-UA` is defined as a set, and likely to be [GREASEd](https://wicg.github.io/ua-client-hints/#grease) to avoid current abuse patterns of the User-Agent string.
* Servers can opt-in to request more information about the user agent using the [Client Hints negotiation mechanisms](https://github.com/WICG/client-hints-infrastructure#opt-in-mechanism): platform, architecture and model are what we currently have, but we're considering things like "input mode".
    * The opt-in mechanism to enable opt-in on the "very first view" is not yet ready. At the same time, the hints sent by default are likely to answer most HTML level content-adaptation use-cases. 
* An equivalent API will enable access to that information on the client. Access to low-entropy information will be synchronous, while access to high-entropy one will be through a Promise. (to enable browsers to take their time when considering if the site should really be granted to potentially fingerprintable info)



Checkboxes:
  - Explainers: for the [feature](https://github.com/WICG/ua-client-hints#user-content-explainer-reducing-user-agent-granularity), as well as its [infrastructure](https://github.com/WICG/client-hints-infrastructure#readme)
  - Specifications: for the [UA-CH feature](https://wicg.github.io/ua-client-hints/), as well as its [infrastructure](https://wicg.github.io/client-hints-infrastructure/).
  - Tests: [WPT](https://wpt.fyi/results/client-hints?label=experimental&label=master&aligned)
  - Security and Privacy self-review: Security and privacy are covered for the [feature](https://wicg.github.io/ua-client-hints/#security-privacy) as well as its [infrastructure](https://httpwg.org/http-extensions/client-hints.html#security-considerations). As this is a privacy-positive feature, I don't think a separate review is necessary, but let me know if you think otherwise.
  - GitHub repo [URL](https://github.com/WICG/ua-client-hints)
  - Primary contacts: 
      - Yoav Weiss (yoavweiss@), Google Chrome - editor/implementer
  - Organization driving the specification: Google Chrome 
  - Key pieces of existing multi-stakeholder review or discussion of this specification: [design-review#320](https://github.com/w3ctag/design-reviews/issues/320)
  - External status/issue trackers for this specification: [Chrome status entry for UA-CH](https://www.chromestatus.com/features/5995832180473856) and for [User-Agent freezing](https://www.chromestatus.com/feature/5704553745874944).

Further details:

  - [x] I have reviewed the TAG's [API Design Principles](https://w3ctag.github.io/design-principles/)
  - Relevant time constraints or deadlines: hoping to start freezing in M83 (June) and unification in M85 (September)
  - The group where the work on this specification is being done: WICG
  - Major unresolved issues with or opposition to this specification:
  - This work is being funded by: Google Chrome

You should also know that...

[please tell us anything you think is relevant to this review]

We'd prefer the TAG provide feedback as (please delete all but the desired option):

  🐛 open issues in our GitHub repo for **each point of feedback**


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/467
Received on Monday, 27 January 2020 14:03:32 UTC