Erik, Edge recently started an Origin Trial for the Ad Selection API <https://blogs.windows.com/msedgedev/2024/10/08/ad-selection-api-limited-preview/>, and I had three questions about its compatibility with Protected Audience Bidding & Auction Services:
1. The Ad Selection API details <https://github.com/WICG/privacy-preserving-ads/blob/main/API%20Details.md> says it “aims to maximize syntactic compatibility with the Protected Audience API”. Can you confirm that the Ad Selection API uses nearly the same web API as specified in the Protected Audience API specification <https://wicg.github.io/turtledove/>? 2. Is the Ad Selection API also using similar request and response encoding and encryption as specified in the Bidding and Auction Services specification <https://privacysandbox.github.io/draft-ietf-bidding-and-auction-services/draft-ietf-bidding-and-auction-services.html> ? 3. We recently posted the location and format of the coordinator keys that Chrome fetches <https://github.com/WICG/turtledove/pull/1309/files>. Does the Ad Selection API use a similar mechanism? On Fri, Oct 18, 2024 at 4:09 PM Paul Jensen <pauljen...@chromium.org> wrote: > Yoav, our IETF service spec repository > <https://github.com/privacysandbox/draft-ietf-bidding-and-auction-services> > is already public and we verified anyone can file issues there. We also > verified with more experienced standardization folks that its IPR settings > look right. > > On Wed, Oct 16, 2024 at 10:23 AM Yoav Weiss (@Shopify) < > yoavwe...@chromium.org> wrote: > >> >> >> On Wednesday, October 16, 2024 at 4:00:00 PM UTC+2 Mike Taylor wrote: >> >> On 10/7/24 10:30 AM, 'Russ Hamilton' via blink-dev wrote: >> >> Contact emails >> >> pauljen...@chromium.org, behamil...@google.com >> >> Explainer >> >> Chrome: https://github.com/WICG/turtledove/blob/main/FLEDGE_ >> browser_bidding_and_auction_API.md >> >> Thanks - this was helpful to read. >> >> Services: https://github.com/privacysandbox/fledge-docs/ >> blob/main/bidding_auction_services_api.md >> >> Given that this service spec defines the protocols browsers and services >> would need to implement, could you move this to a more public venue? (where >> non-Google employees can comment, and files issues and PRs) >> >> >> >> Specification >> >> The web platform portion of the specification (navigator. >> getInterestGroupAdAuctionData() and the server response changes to >> navigator.runAdAuction()) is part of the Protected Audience spec >> <https://wicg.github.io/turtledove/>. >> >> The interface to the Bidding & Auction Services endpoint is described in >> https://privacysandbox.github.io/draft-ietf-bidding-and- >> auction-services/draft-ietf-bidding-and-auction-services.html >> >> Summary >> >> The Protected Audience API (formerly known as FLEDGE) is a Privacy >> Sandbox proposal to serve remarketing and custom audience use cases, >> designed so third parties cannot track user browsing behavior across sites. >> This proposal, the Protected Audience Bidding & Auction Services API, >> outlines a way to allow Protected Audience computation to take place on >> cloud servers in a Trusted Execution Environment (TEE), rather than running >> locally on a user's device. Moving computations to cloud servers can help >> optimize the Protected Audience auction, to free up computational cycles >> and network bandwidth for a device. >> >> Blink component >> >> Blink>InterestGroups >> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EInterestGroups> >> >> TAG review >> >> For Protected Audience: https://github.com/w3ctag/ >> design-reviews/issues/723 >> >> TAG review status >> >> Completed for Protected Audience, resolved unsatisfied. >> >> Risks Interoperability and Compatibility >> >> None. This is an optional new feature of the Protected Audience API. Ad >> techs can use this new feature by calling navigator. >> getInterestGroupAdAuctionData() and specifying values for new fields in >> the auction config. Without invoking the new function or explicit values >> for those new fields, there's no functional behavioral change as a result >> of this feature. >> >> Gecko & WebKit: No signal on parent proposal, Protected Audience. Asked >> in the Mozilla forum here >> <https://github.com/mozilla/standards-positions/issues/770>, and in the >> Webkit forum here >> <https://github.com/WebKit/standards-positions/issues/158>. >> Edge: Microsoft has proposed their Ad Selection API >> <https://github.com/WICG/privacy-preserving-ads/tree/main> as a similar >> TEE on-server auction API. That API looks like it would have a near >> identical Web Platform API as the Bidding and Auction Services API. We have >> biweekly meetings with Microsoft, and are open to collaborating on >> specifying the API. >> >> Can you elaborate more on "near identical"? Would it be possible to have >> an interoperable server-bidding API between the two proposals in the near >> term? >> >> Web developers: Extensive interest in this feature from adtechs, >> evidenced by the myriad of discussions on Protected Audience’s issue >> tracker <https://github.com/WICG/turtledove/issues>, Protected >> Audience’s weekly WICG calls >> <https://github.com/WICG/turtledove/issues/88>, and the Protected >> Auction Services WICG calls >> <https://github.com/WICG/protected-auction-services-discussion/issues/27> >> . >> >> Debuggability >> >> On-device API surfaces should be debuggable in Chrome DevTools, and we’ve >> added extensive mechanisms for debugging >> <https://github.com/privacysandbox/fledge-docs/blob/main/debugging_protected_audience_api_services.md> >> Bidding >> and Auction services >> <https://github.com/privacysandbox/protected-auction-services-docs/blob/main/bidding_auction_services_api.md#related-documents> >> . >> >> Will this feature be supported on all six Blink platforms (Windows, Mac, >> Linux, Chrome OS, Android, and Android WebView)? >> >> It will be supported on all platforms that support Protected Audience, so >> all but WebView. >> >> Is this feature fully tested by web-platform-tests >> <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> >> ? >> >> Lots of >> <https://github.com/web-platform-tests/wpt/blob/master/fledge/tentative/get-interest-group-auction-data.https.window.js> >> WPT tests >> <https://github.com/web-platform-tests/wpt/blob/master/fledge/tentative/server-response.https.window.js>. >> Remaining test coverage to be completed soon. >> >> Can you comment on what tests (or types of tests) are missing, and when >> you expect them to be done? >> >> >> Flag name on chrome://flags >> >> Overall control is not possible via chrome://flags, though the consented >> debugging support >> <https://github.com/privacysandbox/fledge-docs/blob/main/debugging_protected_audience_api_services.md#adtech-consented-debugging> >> is controlled via chrome://flags/#protected-audience-debug-token >> >> Finch feature name >> >> FledgeBiddingAndAuctionServer >> >> Requires code in //chrome? >> >> Only for UI for the consented debugging support >> <https://github.com/privacysandbox/fledge-docs/blob/main/debugging_protected_audience_api_services.md#adtech-consented-debugging> >> . >> >> Just the chrome://flags UI, right? Or is there some other debugging UI >> that gets enabled when flipping that on? >> >> Anticipated spec changes >> >> No web-visible changes expected. >> >> Just to confirm, you're adding a new web-visible API (and have specced >> that) but are not changing any other PA APIs, correct? >> >> >> Estimated milestones >> >> Shipping to all applicable platforms in M130. >> >> Link to entry on the Chrome Platform Status >> >> https://chromestatus.com/feature/4649601971257344 >> >> Links to previous Intent discussions >> >> Intent to prototype: https://groups.google.com/a/ >> chromium.org/d/msgid/blink-dev/CABQTWrnSdvf7RgK2wxsmC6rWc8eRo >> qDZOvgwVFuEx1r2nqmAJg%40mail.gmail.com >> Intent to Experiment: >> >> https://groups.google.com/a/chromium.org/g/blink-dev/c/2bwMHd3Yz7I >> <https://groups.google.com/a/chromium.org/g/blink-dev/c/2bwMHd3Yz7I/m/BwMKwPP6GQAJ> >> >> Intent to Extend Experiment: >> >> https://groups.google.com/a/chromium.org/g/blink-dev/c/ >> 2bwMHd3Yz7I/m/xaJHFJ_uAAAJ >> >> Intent to Extend Experiment 2: >> >> https://groups.google.com/a/chromium.org/g/blink-dev/c/ >> 2bwMHd3Yz7I/m/RigQFZilAgAJ >> >> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to blink-dev+unsubscr...@chromium.org. >> To view this discussion on the web visit https://groups.google.com/a/ >> chromium.org/d/msgid/blink-dev/CAAG-DU3H_eSNfb7gzNn-OTbdvqsatiZMP53m1pN_ >> 3TpyNrzoeA%40mail.gmail.com >> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAAG-DU3H_eSNfb7gzNn-OTbdvqsatiZMP53m1pN_3TpyNrzoeA%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> >> -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABQTWrmdTJDqb3ifFmCSERMhLwX62bc7neVhy4objPN0AdNAGA%40mail.gmail.com.
