Re: [w3ctag/design-reviews] TAG review request for the IDP signin status API (Issue #884)

Hi @cbiesinge: a few questions came up in our discussion today on this one:

1. Our understanding is that this is designed to prevent an IDP from tracking users. However, the mechanism provided allows the IDP to optionally signal the signed in status of the user to the UA. Couldn't an IDP that wants to track users simply not send the signed-out signal and thus still get the silent requests?
  
2. Regarding multi-stakeholder support, we see from ChromeStatus that Firefox is listed as "under consideration" - however I don't actually see a Mozilla standards position on this - is there one? Is there a webkit standards position? 
  
3. What is the general status of FedCM from an implementation stand-point?  What is the multi-stakeholder story with FedCM right now and when do we expect to achieve "critical mass" for FedCM?  This is especially relevant to the discussion on deprecation of third party cookies, as federated sign-in is often cited as a use case supported by third party cookies.
  
4. Small addition question - you've reference a PR [against is-logged-in](https://github.com/privacycg/is-logged-in/pulls) in your explainer - however the is-logged-in API itself seems to not be very active – and we haven't been asked to review it. Can you shed some light on the status of this API?

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/884#issuecomment-1705512617
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/884/1705512617@github.com>

Received on Monday, 4 September 2023 16:26:47 UTC