Re: [private-measurement] Cross-channel measurement risks (#14)

@martinthomson I think you got the gist. A few quick comments:

1. Events being generated in frames does not really solve the "configuration issue" with advertisers needing to come up with lists of delegates they trust. We don't really need frames to solve the "event attribution" problem either; we just need a trusted channel to the delegate, e.g. via an HTTPS request. These kinds of requests are how the Attribution Reporting API works.

2. I need to understand more about how IPA works with the delegate system. From reading the doc, we expect sites to delegate creation of source / trigger events to third parties. It seems that, without explicit coordination between those third parties, we wouldn't necessarily get cross-channel attribution, because every third party is just ingesting their own events. If we are relying on server-to-server coordination after the fact (merging data from multiple 3ps), then you also introduce another threat vector of intermediaries crafting fake data.

I agree IPA structurally makes some of this easier because you can make decisions after the fact without needing to encode it in browser policy available at attribution time. @btsavage also mentioned in the meeting that it could be possible to mitigate these issues also via after-the-fact detection (maybe at the cost of privacy budget), which is certainly better than nothing too.

-- 
GitHub Notification of comment by csharrison
Please view or discuss this issue at https://github.com/patcg/private-measurement/issues/14#issuecomment-1129482230 using your GitHub account



Received on Wednesday, 18 May 2022 01:46:57 UTC