Cross-site cookies standardization
annevk opened this issue · comments
As discussed in the last call it would be good to sort out our collective story around cookies. Tentative agenda for a dedicated meeting:
- Are the usual cross-site cookies "blocked" or "partitioned"?
- Do we need opt-in partitioned cookies? And if so, through CHIPS or
requestStorageAccess()
, or something else? - How do we organize standardization?
- Interaction of cross-site cookies and
SameSite=None
. - Ephemeral partitioned third-party storage (including cookies) by Brave: privacycg/proposals#18.
Speaking on behalf of Chrome, we'd be interested in this discussion.
How about the 5th Thursday of March (March 31st), in our usual telcon time slot? @annevk
Works for me!
Will March 31st be put on the calendar? https://www.w3.org/groups/cg/privacycg/calendar
@annevk - If we have room on the agenda, would you be open to also discussing on the interaction of cross-site cookies and SameSite=None? I think the behavior of the "Block third-party cookies" setting varies subtly across browsers, so it would be great to understand how they vary and whether it's possible to align.
@krgovind sounds good, added that to OP.
Due to some unforeseen schedule conflicts, we need to postpone this. We are planning to use our regular Thursday, April 14th teleconference for this ad hoc. Sorry about the last minute change!
This has been rescheduled for 14 April 2022.
This has again been rescheduled. We'll now discuss this during our April 28th call.
The minutes are now live at https://github.com/privacycg/meetings/blob/main/2022/telcons/04-28-minutes.md thanks to @hober. A follow-up meeting has been proposed in #19. I also followed up with the IETF in httpwg/http-extensions#2084 and privacycg/storage-partitioning#30 updates our Storage Partitioning document with relevant pointers. With that I'm closing this issue.
Thanks everyone for participating and also to the chairs for taking care of most things, including rescheduling this more than once!