Security and privacy review tracker

[anssiko]

This issue is to solicit and track security and privacy review feedback from browser vendors, W3C's Privacy Interest Group, other privacy experts. While these reviews are formally part of the standards track, it is beneficial to conduct such reviews and capture any related feedback as early as possible, including any informal feedback and comments.

To facilitate this process, the Compute Pressure API contributors have proactively completed the Self-Review Questionnaire: Security and Privacy, documented the responses in a separate document and updated the Security and privacy considerations accordingly.

Please note the Compute Pressure API has been recently substantially refactored based on the high-level metrics proposal #24 to address feedback provided in WebKit Request for Position and with consideration for new use cases, web developer ergonomics in addition to privacy and security. To that end, we are in particular interested in browsers vendors' feedback on the security and privacy properties of the new API.

All feedback welcome, including LGTMs and more directional guidance.

• Chrome's security and privacy team Security and privacy review tracker #79 (comment)

[mikewest]

IMO, this is a strict improvement over what Chrome's security and privacy teams approved in the v1 launch from the perspective of timing attacks and the nature of the API as a global oracle of CPU state. The same rationale that applies to the security implications of that shift also apply to the reidentification risks. They remain low.

[anssiko]

Thanks @mikewest for your assessment. Please raise any security and privacy issues in this repo -- the spec contributors are committed to address these issues as a high priority.

[anssiko]

Wide review has been completed as documented in #177. Thank you for your review and contributions.