[w3ctag/design-reviews] Private State Tokens (formerly Trust Tokens) (Issue #780) from Steven Valdez on 2022-10-19 (public-webapps-github@w3.org from October 2022)

From: Steven Valdez <notifications@github.com>
Date: Wed, 19 Oct 2022 08:45:56 -0700
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/780@github.com>

Wotcher TAG!

I'm requesting a TAG review of Private State Tokens (formerly Trust Tokens).

The Private State Token API is used to transfer a limited amount of information across sites in a privacy preserving manner. It achieves this using the Privacy Pass protocol from the IETF working group. The Private State Token API can be considered as a web-exposed form of the Privacy Pass protocols.

  - Explainer¹ (minimally containing user needs and example code): https://github.com/WICG/trust-token-api/blob/main/README.md

  - Specification URL: https://wicg.github.io/trust-token-api/

  - Tests: https://github.com/web-platform-tests/wpt/tree/master/trust-tokens

  - User research: N/A
  - Security and Privacy self-review²: https://docs.google.com/document/d/1KPa5OQtp-n6wmf5PTDNSd-pGP993sOtZfl0LbT5fopk/edit

  - GitHub repo (if you prefer feedback filed there): https://github.com/WICG/trust-token-api/

  - Primary contacts (and their relationship to the specification):
      - Steven Valdez (dvorak42), Google
      - Aykut Bulut (aykutbulut), Google
  - Organization(s)/project(s) driving the specification: Google Privacy Sandbox
  - Key pieces of existing multi-stakeholder review or discussion of this specification:
     - Apple (likely defer until further updates to match privacypass): https://github.com/WebKit/standards-positions/issues/72

     - Mozilla (defer): https://github.com/mozilla/standards-positions/issues/262

  - External status/issue trackers for this specification (publicly visible, e.g. Chrome Status): https://chromestatus.com/feature/5078049450098688


Further details:

  - [X] I have reviewed the TAG's [Web Platform Design Principles](https://www.w3.org/TR/design-principles/)
  - Relevant time constraints or deadlines: 
  - The group where the work on this specification is currently being done: wicg (likely to move to antifraudcg in the near future)
  - The group where standardization of this work is intended to be done (if current group is a community group or other incubation venue): probably WebAppSec
  - Major unresolved issues with or opposition to this specification: We're not aware of major issues or opposition at this point, though we are awaiting further feedback from other browser vendors.
  - This work is being funded by: Google


We'd prefer the TAG provide feedback as (please delete all but the desired option):

  🐛 open issues in our GitHub repo for **each point of feedback**

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/780

You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/780@github.com>

Received on Wednesday, 19 October 2022 15:46:09 UTC