Delegation-oriented FedCM #1039

Open
1 task done
samuelgoto opened this issue Jan 16, 2025 · 0 comments


Hello, TAG!

I'm requesting an early TAG design review of the Delegation-oriented FedCM.

An extension to FedCM to allow Social login on the Web without phone-homing the Identity Provider.

  • Explainer¹: here
  • User research: TBD
  • Security and Privacy self-review²: TBD
  • GitHub repo: here
  • Primary contacts:
  • Organization/project driving the design: Google
  • Multi-stakeholder feedback³:
    • Chromium comments: intent to prototype
    • Mozilla comments: We believe this addresses part of the original feedback we got for FedCM from Mozilla here: "We ultimately want to be able to offer options where IdPs are not in a position to track users through their use of identity information. The current design always involves notifying the IdP of all login attempts. This has a number of advantages from a security perspective. The IdP is able to audit logins and present users with information about their activities. Also, the IdP is in a better position to block access to identity information for bad RPs. Ultimately, we would like to be able to offer users at least the option of a more private choice here, but we recognize the practical security benefits of the current design."
    • WebKit comments: TBD

Further details:

  • I have reviewed the TAG's Web Platform Design Principles
  • The group where the incubation/design work on this is being done (or is intended to be done in the future): FedID CG
  • The group where standardization of this work is intended to be done ("unknown" if not known): FedID WG
  • Existing major pieces of multi-implementer review or discussion of this design:
  • Major unresolved issues with or opposition to this design:
  • This work is being funded by:

You should also know that...

This is very early and we are looking for directional guidance.
