- From: Brian May <bmay@dstillery.com>
- Date: Tue, 29 Nov 2022 13:45:46 -0500
- To: Steven Valdez <svaldez@google.com>
- Cc: Tommy Pauly <tpauly@apple.com>, Sofía Celi <cherenkov@riseup.net>, public-antifraud@w3.org
- Message-ID: <CAMpQz1beJ3+hfShT0PgGOq0wyN=FaAZU5Uo+dEahE_jQhrpWtg@mail.gmail.com>
I'm also not sure this group is the right home for Trust Tokens API. While anti-fraud includes use-case to which tokens might usefully be applied, there are presumably a number of other cases not strictly fraud related in which tokens could be meaningfully employed. Given that, I am concerned either the anti-fraud focus of this group will be too limiting to the development of a general-use trust token or that interest in developing a token that applies to a broad set of use-cases will open the scope of this group beyond the anti-fraud domain. It seems like the Credentials Community Group <https://www.w3.org/community/credentials/> might be a better home Trust Tokens API with the support from this group for developing anti-fraud specific capabilities. On Tue, Nov 29, 2022 at 12:06 PM Steven Valdez <svaldez@google.com> wrote: > There's not a ton in the explainer that is tied to a specific version of > privacypass, but we can update the bits that rely on the older versions of > privacypass to point to the current draft (and updating the metadata > discussion to reference the current available privacypass types) and note > where we're diverging from the specification before we move it over to the > AFCG. > > On Mon, Nov 28, 2022 at 3:56 PM Tommy Pauly <tpauly@apple.com> wrote: > >> Hi Sofía, >> >> I do support the anti-fraud CG having a work stream for the general area >> of Private Tokens, to talk about the interactions build on privacy pass and >> other similar technologies. >> >> I don’t think we should move over or adopt the Trust Tokens API document >> as-is, however, until it’s either updated to work with the IETF version of >> privacy pass or else is specifically contextualized as >> background/historical material from previous work. I know there’s an intent >> to re-write that document to be compatible with the current privacy pass >> (while it’s currently referring to a pre-IETF version), and I think it >> should be relatively straightforward to make those changes. I am concerned >> that bringing the document over without any updates will perpetuate >> confusion about the different layers and versions, which should all be >> converging at this point. >> >> Best, >> Tommy >> >> > On Nov 22, 2022, at 9:08 AM, Sofía Celi <cherenkov@riseup.net> wrote: >> > >> > Hi all, >> > >> > The chairs are starting an adoption process for the Private State >> Tokens proposal: >> > >> > https://github.com/WICG/trust-token-api/ >> > https://github.com/antifraudcg/proposals/issues/7 >> > >> > Given the need for other types of privacy-preserving tokens for the >> various capabilities being discussed in the CG, the authors are asking to >> adopt this item as part of a more generic Private Tokens work stream, >> discussing and developing documents for various types of privacy-preserving >> tokens (based on privacypass and similar technology) that are useful in the >> anti-fraud space. >> > >> > Please respond with any further feedback or support for the document >> and work stream in the next two weeks (try to get your feedback in by >> December 7th in time for the next CG meeting), and the chairs will >> determine whether there is sufficient support for the document to adopt it >> as an official CG work stream. >> > >> > Thank you, >> > -- >> > Sofía Celi >> > @claucece >> > Cryptographic research and implementation at many places, specially >> Brave. >> > Chair of hprc at IRTF and anti-fraud at W3C. >> > Reach me out at: cherenkov@riseup.net >> > Website: https://sofiaceli.com/ >> > 3D0B D6E9 4D51 FBC2 CEF7 F004 C835 5EB9 42BF A1D6 >> > >> > >> >> >> > > -- > > Steven Valdez | Chrome Privacy Sandbox | svaldez@google.com | Cambridge, > MA > -- Brian May Principal Engineer P: (848) 272-1164
Received on Tuesday, 29 November 2022 18:46:35 UTC