The main relevant section of the Protected Audience explainer is 3.1.2 Trusted Signals Server in TEE <https://github.com/WICG/turtledove/blob/main/FLEDGE.md#312-trusted-signals-server-in-tee> The JavaScript API changes are minimal, just the extra trustedBiddingSignalsCoordinator and trustedScoringSignalsCoordinator fields. The bulk of the browser changes are explained in the explainer for the new protocol used to communicate with the Trusted Key-Value Server <https://github.com/WICG/turtledove/blob/main/FLEDGE_Key_Value_Server_API.md> .
Similarly, the main relevant sections of the web spec are the sections that assemble the trusted bidding <https://wicg.github.io/turtledove/#build-trusted-key-value-bidding-signals-request-body> and trusted scoring <https://wicg.github.io/turtledove/#build-trusted-key-value-scoring-signals-request-body> sections, while the bulk of the new spec is the new IETF spec for the new protocol used to communicate with the Trusted Key-Value Server <https://privacysandbox.github.io/draft-ietf-protected-audience-key-value-service/draft-ietf-protected-audience-key-value-services.html> . On Wed, Jan 15, 2025 at 10:02 AM Yoav Weiss (@Shopify) < yoavwe...@chromium.org> wrote: > > > On Wednesday, January 8, 2025 at 5:59:00 PM UTC+1 Paul Jensen wrote: > > Contact emails > > pauljen...@chromium.org > > Explainer > > https://github.com/WICG/turtledove/pull/1342 > > https://github.com/WICG/turtledove/pull/1343 > > > Can you please point at relevant sections in the explainer, rather than PR > diffs? > > > > Specification > > The web platform portion of the specification: https://github.com/WICG/ > turtledove/pull/1340 > > > Here as well, pointing to relevant sections of the spec would be helpful. > > > The interface to the Trusted Key-Value Server endpoint: > https://privacysandbox.github.io/draft-ietf-protected- > audience-key-value-service/draft-ietf-protected-audience- > key-value-services.html > > Summary > > During Protected Audience (PA) API ad selection auctions, buyers and > sellers are able to fetch real-time signals from servers. As a temporary > mechanism, the buyer and seller can fetch these signals from any server, > including one they operate themselves (a "Bring Your Own Server" model); > this change does not remove this support. To improve user privacy and > enable new functionality, in the future versions of PA, the request will > only be sent to a trusted key-value-type server. The server is verified by > external parties to ensure it’s running an approved binary built from the > open source key-value server code and is running in a trusted execution > environment (TEE), and only then is allowed access to decryption keys. > This proposal adds support to Chrome to communicate with these trusted > key-value servers using an encrypted protocol ensuring that only the > appropriately trusted servers can decrypt and respond, thus ensuring the > protocol and server maintain desired privacy characteristics. > > Blink component > > Blink>InterestGroups > <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EInterestGroups> > > TAG review > > For Protected Audience: https://github.com/w3ctag/ > design-reviews/issues/723 > > TAG review status > > Completed for PA, resolved unsatisfied. > > Risks > > > Interoperability and Compatibility > > Optional new functionality that does not break existing use. > > > Gecko & WebKit: For PA in general - Negative from Mozilla > <https://github.com/mozilla/standards-positions/issues/770#issuecomment-2432124085>. > No signal from Webkit > <https://github.com/WebKit/standards-positions/issues/158#issuecomment-2432121278> > . > > > Edge: Edge is running an Origin Trial of the Ad Selection API > <https://github.com/WICG/privacy-preserving-ads/blob/main/README.md> > which shares a Web API and services protocol with PA. > > > Web developers: At least four companies have expressed interest in another > feature <https://github.com/WICG/turtledove/issues/1105> (also here > <https://github.com/privacysandbox/protected-auction-key-value-service/issues/72#issuecomment-2485843775>) > that is blocked > <https://github.com/WICG/turtledove/issues/1105#issuecomment-2043779939> > on Trusted Key-Value Server Support in the browser. > > Debuggability > > HTTPS requests to Trusted Key-Value Servers are visible in the Chrome > DevTools Network pane. Response values are visible by setting breakpoints > in PA bidding scripts. > > Will this feature be supported on all six Blink platforms (Windows, Mac, > Linux, ChromeOS, Android, and Android WebView)? > > It will be supported on all platforms that support PA, so all but WebView. > > Is this feature fully tested by web-platform-tests > <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> > ? > > We have started WPTs > <https://chromium-review.googlesource.com/c/chromium/src/+/6050105> and > plan to finish them soon. > > > Flag name on chrome://flags > > None > > > Finch feature name > > ProtectedAudienceTrustedKVSupport > > Requires code in //chrome? > > False > > Estimated milestones > > Shipping on desktop and Android in M132. > > Anticipated spec changes > > None > > Link to entry on the Chrome Platform Status > > https://chromestatus.com/feature/5072384013631488?gate=5125481377300480 > > This intent message was generated by Chrome Platform Status > <https://chromestatus.com/>. > > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CABQTWrk0XPEYYdiRKLgN88cQ67TnzeJW7a5WVNdZCcnRp28u5A%40mail.gmail.com.
