FedCM as a trust signal for the Storage Access API #992

Open
1 task done
johannhof opened this issue Sep 10, 2024 · 0 comments

johannhof commented Sep 10, 2024

Guten TAG!

I'm requesting a TAG review of FedCM as a trust signal for the Storage Access API.

In short, this feature will allow developers of FedCM to utilize the Storage Access API (based on the prior user permission given to share cross-site identifiers). Conversely, it allows developers using the Storage Access API to more easily upgrade to FedCM, which may offer a better user experience in many cases.

From the explainer, note the key use cases as well as a discussion of the slightly different privacy and security properties of the two APIs and how we chose to reconcile them.

Further details:

  • I have reviewed the TAG's Web Platform Design Principles
  • Relevant time constraints or deadlines:
    • We're looking to ship this API in Chrome within the next few releases
  • The group where the work on this specification is currently being done:
    • PrivacyCG / FedID CG
  • The group where standardization of this work is intended to be done (if different from the current group): WHATWG
  • Major unresolved issues with or opposition to this specification: One thing that we still have to fully figure out is how to make this work well with Storage Access Headers, given that the privacy properties of this proposal mandate the use of the FedCM permissions policy, which would limit the utility of SAH for some developers.
  • This work is being funded by: Google

You should also know that...

The Lightweight FedCM work driven by @bvandersloot-mozilla et al. integrates with this feature to ensure developers using the API get access to cross-site cookies upon completing the proposed user permission flow.
