- From: Jordan Ross <jordross@google.com>
- Date: Wed, 30 Nov 2022 12:56:06 -0800
- To: Brian May <bmay@dstillery.com>
- Cc: Steven Valdez <svaldez@google.com>, Tommy Pauly <tpauly@apple.com>, Sofía Celi <cherenkov@riseup.net>, public-antifraud@w3.org
- Message-ID: <CACW4FeMMy7Fp-s=Gmuo44rBOHa54ZGogCfKCgGBp0hD7wiH4-A@mail.gmail.com>
I expect that further investment by the CG on Private State Tokens would be a welcome addition to the group's workstreams. As some have mentioned <https://github.com/antifraudcg/proposals/issues/7#issuecomment-1103929572>, we still see that it would be beneficial to further discuss anti-fraud / IVT detection needs in the anti-fraud CG to help shape and evolve the API. Thank you, Jordan Ross Google Ad Traffic Quality On Tue, Nov 29, 2022 at 10:54 AM Brian May <bmay@dstillery.com> wrote: > I'm also not sure this group is the right home for Trust Tokens API. While > anti-fraud includes use-case to which tokens might usefully be applied, > there are presumably a number of other cases not strictly fraud related in > which tokens could be meaningfully employed. Given that, I am concerned > either the anti-fraud focus of this group will be too limiting to the > development of a general-use trust token or that interest in developing a > token that applies to a broad set of use-cases will open the scope of this > group beyond the anti-fraud domain. It seems like the Credentials > Community Group <https://www.w3.org/community/credentials/> might be a > better home Trust Tokens API with the support from this group for > developing anti-fraud specific capabilities. > > On Tue, Nov 29, 2022 at 12:06 PM Steven Valdez <svaldez@google.com> wrote: > >> There's not a ton in the explainer that is tied to a specific version of >> privacypass, but we can update the bits that rely on the older versions of >> privacypass to point to the current draft (and updating the metadata >> discussion to reference the current available privacypass types) and note >> where we're diverging from the specification before we move it over to the >> AFCG. >> >> On Mon, Nov 28, 2022 at 3:56 PM Tommy Pauly <tpauly@apple.com> wrote: >> >>> Hi Sofía, >>> >>> I do support the anti-fraud CG having a work stream for the general area >>> of Private Tokens, to talk about the interactions build on privacy pass and >>> other similar technologies. >>> >>> I don’t think we should move over or adopt the Trust Tokens API document >>> as-is, however, until it’s either updated to work with the IETF version of >>> privacy pass or else is specifically contextualized as >>> background/historical material from previous work. I know there’s an intent >>> to re-write that document to be compatible with the current privacy pass >>> (while it’s currently referring to a pre-IETF version), and I think it >>> should be relatively straightforward to make those changes. I am concerned >>> that bringing the document over without any updates will perpetuate >>> confusion about the different layers and versions, which should all be >>> converging at this point. >>> >>> Best, >>> Tommy >>> >>> > On Nov 22, 2022, at 9:08 AM, Sofía Celi <cherenkov@riseup.net> wrote: >>> > >>> > Hi all, >>> > >>> > The chairs are starting an adoption process for the Private State >>> Tokens proposal: >>> > >>> > https://github.com/WICG/trust-token-api/ >>> > https://github.com/antifraudcg/proposals/issues/7 >>> > >>> > Given the need for other types of privacy-preserving tokens for the >>> various capabilities being discussed in the CG, the authors are asking to >>> adopt this item as part of a more generic Private Tokens work stream, >>> discussing and developing documents for various types of privacy-preserving >>> tokens (based on privacypass and similar technology) that are useful in the >>> anti-fraud space. >>> > >>> > Please respond with any further feedback or support for the document >>> and work stream in the next two weeks (try to get your feedback in by >>> December 7th in time for the next CG meeting), and the chairs will >>> determine whether there is sufficient support for the document to adopt it >>> as an official CG work stream. >>> > >>> > Thank you, >>> > -- >>> > Sofía Celi >>> > @claucece >>> > Cryptographic research and implementation at many places, specially >>> Brave. >>> > Chair of hprc at IRTF and anti-fraud at W3C. >>> > Reach me out at: cherenkov@riseup.net >>> > Website: https://sofiaceli.com/ >>> > 3D0B D6E9 4D51 FBC2 CEF7 F004 C835 5EB9 42BF A1D6 >>> > >>> > >>> >>> >>> >> >> -- >> >> Steven Valdez | Chrome Privacy Sandbox | svaldez@google.com | Cambridge, >> MA >> > > > -- > > > Brian May > Principal Engineer > P: (848) 272-1164 >
Received on Wednesday, 30 November 2022 20:57:54 UTC