- From: Chris Needham <notifications@github.com>
- Date: Wed, 17 Mar 2021 10:13:38 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3ctag/design-reviews/issues/342/801259495@github.com>
> > @torgo said: how would an org register these? Is there a scope for a standarised approach to registration / vetting / approval process? > > @krgovind said: The explainer currently only speaks to the technical aspect of the proposal; but yes, we are absolutely interested in working with the ecosystem on a standardized approach to the policy enforcement. A common approach and governance model for FPS registration is something that we also would want to see, with clear definition of membership rules. One concern I have is that FPS seems to allow flexibility for browsers to implement their own UA policy. From the [explainer](https://github.com/privacycg/first-party-sets#ua-policy): > The browser will consider domains to be members of a set if the domains opt in and the set meets UA policy > Browsers implementing First-Party Sets will specify UA policy for which domains may be in the same set. While not required, it is desirable to have some consistency across UA policies. Inconsistency is arguably already present on the web today, given each browser’s third-party cookie blocking policy, but the lack of a requirement for consistency across browsers leads to uncertainty around whether a site's declared membership set would be honoured by all browsers. If not, it will be hard to build site functionality that reliably depends on FPS. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/342#issuecomment-801259495
Received on Wednesday, 17 March 2021 17:13:50 UTC