From 8341eed0721e4c06fac58cb7966733cef5c7a5ef Mon Sep 17 00:00:00 2001 From: Russ Hamilton Date: Mon, 9 Sep 2024 15:20:16 +0000 Subject: [PATCH 01/20] Add payload optimization --- spec.bs | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 72 insertions(+), 1 deletion(-) diff --git a/spec.bs b/spec.bs index 2cfca488c..294c0b56f 100644 --- a/spec.bs +++ b/spec.bs @@ -2865,6 +2865,12 @@ partial interface Navigator { dictionary AdAuctionDataConfig { required USVString seller; required USVString coordinatorOrigin; + unsigned long requestSize; + record perBuyerConfig; +}; + +dictionary AdAuctionDataBuyerConfig { + unsigned long targetSize; }; dictionary AdAuctionData { @@ -2889,6 +2895,8 @@ A server auction interest group is a [=struct=] with the following [= from the [=interest group/ad components=] field. : browser signals :: A [=server auction browser signals=]. + : priority + :: A {{double}} A server auction browser signals is a [=struct=] with the following [=struct/items=]: @@ -2931,11 +2939,12 @@ A server auction request context is a [=struct=] with the following [
-The getInterestGroupAdAuctionData(|config|) method steps are: +The getInterestGroupAdAuctionData(|configIDL|) method steps are: 1. Let |global| be [=this=]'s [=relevant global object=]. 1. If |global|'s [=associated Document=] is not [=allowed to use=] the "[=run-ad-auction=]" [=policy-controlled feature=], then [=exception/throw=] a "{{NotAllowedError}}" {{DOMException}}. +1. Let |config| be the result of running [=parse and verify ad auction config=] on |configIDL|. 1. Let |p| be [=a new promise=]. 1. Let |queue| be the result of [=starting a new parallel queue=]. 1. [=parallel queue/enqueue steps|Enqueue the following steps=] to |queue|: @@ -2983,6 +2992,8 @@ The getInterestGroupAdAuctionData(|config|) meth :: |components| : [=server auction interest group/browser signals=] :: |browserSignals| + : [=server auction interest group/priority=] + :: |ig|'s [=interest group/priority=] 1. [=list/Append=] |serverIg| to |igMap|[|owner|]. 1. Let |result| be a new {{AdAuctionData}}. 1. Let |requestId| be the [=string representation=] of a [=version 4 UUID=]. @@ -3003,6 +3014,41 @@ The getInterestGroupAdAuctionData(|config|) meth
+
+ To parse and verify ad auction config given an {{AdAuctionDataConfig}} |configIDL|: + + 1. Let |config| be a new [=auction data config=] with the following [=struct/items=]: + : [=auction data config/seller=] + :: The result of running [=parsing an https origin=] on + |configIDL|["{{AdAuctionDataConfig/seller}}"] + : [=auction data config/coordinator=] + :: The result of running [=parsing an https origin=] on + |configIDL|["{{AdAuctionDataConfig/coordinatorOrigin}}"] + : [=auction data config/request size=] + :: |configIDL|["{{AdAuctionDataConfig/requestSize}}"] + : [=auction data config/per buyer config=] + :: The result of running [=parse per buyer auction data configs=] on + |configIDL|["{{AdAuctionDataConfig/perBuyerConfig}}"] + 1. If |config|'s [=auction data config/seller=] or [=auction data config/coordinator=] + fields are failure, then [=exception/throw=] a {{TypeError}}. + 1. Return |config|. +
+ +
+ To parse per buyer auction data configs given an + {{AdAuctionDataBuyerConfig}} |perBuyerConfigIDL|: + 1. Let |configs| be a new [=ordered map=] whose [=map/keys=] are [=origins=] + and whose [=map/values=] are [=auction data config=] + 1. [=map/For each=] |buyerIDL| → |buyerConfigIDL| of |perBuyerConfigIDL|: + 1. Let |buyerConfig| be a new [=auction data buyer config=] with the following [=struct/items=]: + : [=auction data buyer config/size=] + :: |buyerConfigIDL|["{{AdAuctionDataBuyerConfig/targetSize}}"] + 1. Let |buyer| be the result of running [=parsing an https origin=] on |buyerIDL|. + 1. If |buyer| is failure, then [=exception/throw=] a {{TypeError}}. + 1. [=map/Set=] configs[|buyer|] to |buyerConfig|. + 1. Return |configs|. +
+ # Reporting # {#reporting} ## {{InterestGroupBiddingAndScoringScriptRunnerGlobalScope/forDebuggingOnly}} ## {#for-debugging-only-header} @@ -7284,6 +7330,31 @@ for a given [=k-anonymity key=]. These records are stored in the [=user agent=]. :: The [=moment=] when the k-anonymity status in this record was last fetched. +

auction data config

+ +An auction data config is a [=struct=] with the following [=struct/items=]: + +
+ : seller + :: An [=origin=]. + The origin of the seller running the ad auction. The [=origin/scheme=] must be "`https`". + : coordinator + :: The origin of the coordinator hosting public encryption keys for the server + running the ad auction. The [=origin/scheme=] must be "`https`". + : request size + :: {{unsigned long}} or null. An optional field, containing the desired size + for the returned encrypted request blob. + : per buyer config + :: A [=map=] whose [=map/keys] are [=origins=] and [=map/values=] are [=auction data buyer config=]. +
+ +An auction data buyer config is a [=struct=] with the following [=struct/items=]: +
+ : size + :: {{unsigned long}} or null. An optional field, initially null, containing the + size of the request to allocate to this buyer. +
+ # Privacy Considerations # {#privacy-considerations} Protected Audience aims to advance the privacy of remarketing and custom audience From b71d3bf019e9ccd5623c87fe46c565d9775c62e4 Mon Sep 17 00:00:00 2001 From: Russ Hamilton Date: Mon, 9 Sep 2024 20:43:35 +0000 Subject: [PATCH 02/20] Add missing = --- spec.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec.bs b/spec.bs index 294c0b56f..a1042d1a0 100644 --- a/spec.bs +++ b/spec.bs @@ -7345,7 +7345,7 @@ An auction data config is a [=struct=] with the following [=struct/it :: {{unsigned long}} or null. An optional field, containing the desired size for the returned encrypted request blob. : per buyer config - :: A [=map=] whose [=map/keys] are [=origins=] and [=map/values=] are [=auction data buyer config=]. + :: A [=map=] whose [=map/keys=] are [=origins=] and [=map/values=] are [=auction data buyer config=]. An auction data buyer config is a [=struct=] with the following [=struct/items=]: From 301c989cb5bea694488444d0f1c592eb2f6bb09b Mon Sep 17 00:00:00 2001 From: Russ Hamilton Date: Wed, 11 Sep 2024 19:06:52 +0000 Subject: [PATCH 03/20] Add constraint on request size --- spec.bs | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/spec.bs b/spec.bs index a1042d1a0..3e16966df 100644 --- a/spec.bs +++ b/spec.bs @@ -3031,6 +3031,14 @@ The getInterestGroupAdAuctionData(|configIDL|) m |configIDL|["{{AdAuctionDataConfig/perBuyerConfig}}"] 1. If |config|'s [=auction data config/seller=] or [=auction data config/coordinator=] fields are failure, then [=exception/throw=] a {{TypeError}}. + 1. If |config|'s [=auction data config/per buyer config=] [=map/is not empty=] + and |config|'s [=auction data config/request size=] is null: + 1. Let |request_size| equal 0. + 1. [=list/For each] |buyerConfig| of |config|'s [=auction data config/per buyer config=]'s [=map/values=]: + 1. If |buyerConfig|'s [=auction data buyer config/size=] is null, + then [=exception/throw=] a {{TypeError}}. + 1. Set |request_size| to |request_size| + |buyerConfig|'s [=auction data buyer config/size=] + 1. Set |config|'s [=auction data config/request size=] to |request_size|. 1. Return |config|. From 861c1f3f1dd0b53cadaead05efc5c359c91c60d9 Mon Sep 17 00:00:00 2001 From: Russ Hamilton Date: Wed, 11 Sep 2024 21:14:45 +0000 Subject: [PATCH 04/20] Add key fetch --- spec.bs | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/spec.bs b/spec.bs index 3e16966df..b71a8f9a8 100644 --- a/spec.bs +++ b/spec.bs @@ -3031,6 +3031,14 @@ The getInterestGroupAdAuctionData(|configIDL|) m |configIDL|["{{AdAuctionDataConfig/perBuyerConfig}}"] 1. If |config|'s [=auction data config/seller=] or [=auction data config/coordinator=] fields are failure, then [=exception/throw=] a {{TypeError}}. + 1. If |config|'s [=auction data config/coordinator=] is not one of the [=implementation-defined=] + coordinators supported by this [=user agent=], then [=exception/throw=] a {{TypeError}}. + 1. Set |config|'s [=auction data config/encryption key=] to one of the [[RFC9180|HPKE]] public + encryption keys that the coordinator corresponding to |config|'s [=auction data config/coordinator=] + associates with |config|'s [=auction data config/seller]. The actual method + for this lookup is [=implementation-defined=], and may consist of fetching + the keys from a known [=URL=]. If the public key is not available, then + [=exception/throw=] a {{TypeError}}. 1. If |config|'s [=auction data config/per buyer config=] [=map/is not empty=] and |config|'s [=auction data config/request size=] is null: 1. Let |request_size| equal 0. @@ -7349,6 +7357,9 @@ An auction data config is a [=struct=] with the following [=struct/it : coordinator :: The origin of the coordinator hosting public encryption keys for the server running the ad auction. The [=origin/scheme=] must be "`https`". + : encryption key + :: A [=byte sequence=]. The public [[RFC9180|HPKE]] encryption key to be used + to construct the request. : request size :: {{unsigned long}} or null. An optional field, containing the desired size for the returned encrypted request blob. From b2825f3d9c58a9ce09cb04d7ff76ac520ac65e4b Mon Sep 17 00:00:00 2001 From: Russ Hamilton Date: Wed, 11 Sep 2024 21:27:49 +0000 Subject: [PATCH 05/20] Move key lookup to parallel queue --- spec.bs | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/spec.bs b/spec.bs index b71a8f9a8..b01c05006 100644 --- a/spec.bs +++ b/spec.bs @@ -2948,6 +2948,21 @@ The getInterestGroupAdAuctionData(|configIDL|) m 1. Let |p| be [=a new promise=]. 1. Let |queue| be the result of [=starting a new parallel queue=]. 1. [=parallel queue/enqueue steps|Enqueue the following steps=] to |queue|: + 1. If |config|'s [=auction data config/coordinator=] is not one of the [=implementation-defined=] + coordinators supported by this [=user agent=]: + 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to + reject |p| with a {{TypeError}}. + 1. Abort these steps. + 1. Let |key| be a [=byte sequence=] containing one of the [[RFC9180|HPKE]] public + encryption keys that the coordinator corresponding to |config|'s [=auction data config/coordinator=] + associates with |config|'s [=auction data config/seller], or failure if no + key is available. The actual method for this lookup is + [=implementation-defined=], and may consist of fetching the keys from a known [=URL=]. + 1. If |key| is failure then: + 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to + reject |p| with a {{TypeError}}. + 1. Abort these steps. + 1. Set |config|'s [=auction data config/encryption key=] to |key|. 1. Let |igMap| be a new [=map=] whose [=map/keys=] are [=origins=] and [=map/values=] are [=lists=]. 1. Let |startTime| be a [=moment=] equal to the [=current wall time=]. 1. [=list/For each=] |ig| of the [=user agent=]'s [=interest group set=]: @@ -3031,14 +3046,6 @@ The getInterestGroupAdAuctionData(|configIDL|) m |configIDL|["{{AdAuctionDataConfig/perBuyerConfig}}"] 1. If |config|'s [=auction data config/seller=] or [=auction data config/coordinator=] fields are failure, then [=exception/throw=] a {{TypeError}}. - 1. If |config|'s [=auction data config/coordinator=] is not one of the [=implementation-defined=] - coordinators supported by this [=user agent=], then [=exception/throw=] a {{TypeError}}. - 1. Set |config|'s [=auction data config/encryption key=] to one of the [[RFC9180|HPKE]] public - encryption keys that the coordinator corresponding to |config|'s [=auction data config/coordinator=] - associates with |config|'s [=auction data config/seller]. The actual method - for this lookup is [=implementation-defined=], and may consist of fetching - the keys from a known [=URL=]. If the public key is not available, then - [=exception/throw=] a {{TypeError}}. 1. If |config|'s [=auction data config/per buyer config=] [=map/is not empty=] and |config|'s [=auction data config/request size=] is null: 1. Let |request_size| equal 0. From 6d02ea3c39b0b18337d7bb5c261245a62b50b1be Mon Sep 17 00:00:00 2001 From: "Benjamin \"Russ\" Hamilton" Date: Fri, 27 Sep 2024 15:57:31 -0400 Subject: [PATCH 06/20] Apply suggestions from code review Co-authored-by: qingxinwu <6334674+qingxinwu@users.noreply.github.com> --- spec.bs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec.bs b/spec.bs index b01c05006..6ceeacc73 100644 --- a/spec.bs +++ b/spec.bs @@ -2951,7 +2951,7 @@ The getInterestGroupAdAuctionData(|configIDL|) m 1. If |config|'s [=auction data config/coordinator=] is not one of the [=implementation-defined=] coordinators supported by this [=user agent=]: 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to - reject |p| with a {{TypeError}}. + [=reject=] |p| with a {{TypeError}}. 1. Abort these steps. 1. Let |key| be a [=byte sequence=] containing one of the [[RFC9180|HPKE]] public encryption keys that the coordinator corresponding to |config|'s [=auction data config/coordinator=] @@ -2960,7 +2960,7 @@ The getInterestGroupAdAuctionData(|configIDL|) m [=implementation-defined=], and may consist of fetching the keys from a known [=URL=]. 1. If |key| is failure then: 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to - reject |p| with a {{TypeError}}. + [=reject=] |p| with a {{TypeError}}. 1. Abort these steps. 1. Set |config|'s [=auction data config/encryption key=] to |key|. 1. Let |igMap| be a new [=map=] whose [=map/keys=] are [=origins=] and [=map/values=] are [=lists=]. From 593aa6e4a7ed2b790075e03dcd433ef340e5eb98 Mon Sep 17 00:00:00 2001 From: brusshamilton Date: Tue, 24 Sep 2024 13:53:39 -0400 Subject: [PATCH 07/20] Apply suggestions from code review Co-authored-by: qingxinwu <6334674+qingxinwu@users.noreply.github.com> --- spec.bs | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/spec.bs b/spec.bs index 6ceeacc73..752031011 100644 --- a/spec.bs +++ b/spec.bs @@ -3034,13 +3034,13 @@ The getInterestGroupAdAuctionData(|configIDL|) m 1. Let |config| be a new [=auction data config=] with the following [=struct/items=]: : [=auction data config/seller=] - :: The result of running [=parsing an https origin=] on + :: The result of running [=parse an https origin=] on |configIDL|["{{AdAuctionDataConfig/seller}}"] : [=auction data config/coordinator=] - :: The result of running [=parsing an https origin=] on + :: The result of running [=parse an https origin=] on |configIDL|["{{AdAuctionDataConfig/coordinatorOrigin}}"] : [=auction data config/request size=] - :: |configIDL|["{{AdAuctionDataConfig/requestSize}}"] + :: |configIDL|["{{AdAuctionDataConfig/requestSize}}"] if it [=map/exists=], null otherwise : [=auction data config/per buyer config=] :: The result of running [=parse per buyer auction data configs=] on |configIDL|["{{AdAuctionDataConfig/perBuyerConfig}}"] @@ -3048,12 +3048,12 @@ The getInterestGroupAdAuctionData(|configIDL|) m fields are failure, then [=exception/throw=] a {{TypeError}}. 1. If |config|'s [=auction data config/per buyer config=] [=map/is not empty=] and |config|'s [=auction data config/request size=] is null: - 1. Let |request_size| equal 0. - 1. [=list/For each] |buyerConfig| of |config|'s [=auction data config/per buyer config=]'s [=map/values=]: + 1. Let |requestSize| be 0. + 1. [=list/For each=] |buyerConfig| of |config|'s [=auction data config/per buyer config=]'s [=map/values=]: 1. If |buyerConfig|'s [=auction data buyer config/size=] is null, then [=exception/throw=] a {{TypeError}}. - 1. Set |request_size| to |request_size| + |buyerConfig|'s [=auction data buyer config/size=] - 1. Set |config|'s [=auction data config/request size=] to |request_size|. + 1. Set |requestSize| to |requestSize| + |buyerConfig|'s [=auction data buyer config/size=] + 1. Set |config|'s [=auction data config/request size=] to |requestSize|. 1. Return |config|. @@ -3061,14 +3061,14 @@ The getInterestGroupAdAuctionData(|configIDL|) m To parse per buyer auction data configs given an {{AdAuctionDataBuyerConfig}} |perBuyerConfigIDL|: 1. Let |configs| be a new [=ordered map=] whose [=map/keys=] are [=origins=] - and whose [=map/values=] are [=auction data config=] + and whose [=map/values=] are [=auction data configs=]. 1. [=map/For each=] |buyerIDL| → |buyerConfigIDL| of |perBuyerConfigIDL|: 1. Let |buyerConfig| be a new [=auction data buyer config=] with the following [=struct/items=]: : [=auction data buyer config/size=] - :: |buyerConfigIDL|["{{AdAuctionDataBuyerConfig/targetSize}}"] - 1. Let |buyer| be the result of running [=parsing an https origin=] on |buyerIDL|. + :: |buyerConfigIDL|["{{AdAuctionDataBuyerConfig/targetSize}}"] if it [=map/exists=], null otherwise. + 1. Let |buyer| be the result of running [=parse an https origin=] on |buyerIDL|. 1. If |buyer| is failure, then [=exception/throw=] a {{TypeError}}. - 1. [=map/Set=] configs[|buyer|] to |buyerConfig|. + 1. [=map/Set=] |configs|[|buyer|] to |buyerConfig|. 1. Return |configs|. From cd1c21c9adb95e5453f846cba221728eda837a0a Mon Sep 17 00:00:00 2001 From: Russ Hamilton Date: Tue, 24 Sep 2024 18:54:28 +0000 Subject: [PATCH 08/20] Address comments --- spec.bs | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/spec.bs b/spec.bs index 752031011..86a388b58 100644 --- a/spec.bs +++ b/spec.bs @@ -2896,7 +2896,8 @@ A server auction interest group is a [=struct=] with the following [= : browser signals :: A [=server auction browser signals=]. : priority - :: A {{double}} + :: A {{double}}. Used to select which interest groups for a given buyer are excluded + from the serialized request due to space limitations. A server auction browser signals is a [=struct=] with the following [=struct/items=]: @@ -2944,7 +2945,7 @@ The getInterestGroupAdAuctionData(|configIDL|) m 1. Let |global| be [=this=]'s [=relevant global object=]. 1. If |global|'s [=associated Document=] is not [=allowed to use=] the "[=run-ad-auction=]" [=policy-controlled feature=], then [=exception/throw=] a "{{NotAllowedError}}" {{DOMException}}. -1. Let |config| be the result of running [=parse and verify ad auction config=] on |configIDL|. +1. Let |config| be the result of running [=parse and verify ad auction data config=] on |configIDL|. 1. Let |p| be [=a new promise=]. 1. Let |queue| be the result of [=starting a new parallel queue=]. 1. [=parallel queue/enqueue steps|Enqueue the following steps=] to |queue|: @@ -2968,6 +2969,8 @@ The getInterestGroupAdAuctionData(|configIDL|) m 1. [=list/For each=] |ig| of the [=user agent=]'s [=interest group set=]: 1. If |ig|'s [=interest group/ads=] is null or [=list/is empty=], [=iteration/continue=]. 1. Let |owner| be |ig|'s [=interest group/owner=]. + 1. If |config|["per buyer config"] [=map/is empty=] or + |config|["per buyer config"][|owner|] does not [=map/exist=], then [=iteration/continue=]. 1. If |igMap|[|owner|] does not [=map/exist=], then [=map/set=] |igMap|[|owner|] to a new [=list=]. 1. Let |ads| be a new [=list=]. 1. [=list/For each=] |ad| in |ig|'s [=interest group/ads=], [=list/append=] |ad|'s [=interest group ad/ad render ID=] to |ads|. @@ -3030,22 +3033,23 @@ The getInterestGroupAdAuctionData(|configIDL|) m
- To parse and verify ad auction config given an {{AdAuctionDataConfig}} |configIDL|: + To parse and verify ad auction data config given an {{AdAuctionDataConfig}} |configIDL|: + 1. Let |seller| be the result of running [=parse an https origin=] on + |configIDL|["{{AdAuctionDataConfig/seller}}"]. + 1. Let |coordinator| be the result of running [=parse an https origin=] on + |configIDL|["{{AdAuctionDataConfig/coordinatorOrigin}}"]. + 1. If |seller| or |coordinator| are failure, then [=exception/throw=] a {{TypeError}}. 1. Let |config| be a new [=auction data config=] with the following [=struct/items=]: : [=auction data config/seller=] - :: The result of running [=parse an https origin=] on - |configIDL|["{{AdAuctionDataConfig/seller}}"] + :: |seller| : [=auction data config/coordinator=] - :: The result of running [=parse an https origin=] on - |configIDL|["{{AdAuctionDataConfig/coordinatorOrigin}}"] + :: |coordinator| : [=auction data config/request size=] :: |configIDL|["{{AdAuctionDataConfig/requestSize}}"] if it [=map/exists=], null otherwise : [=auction data config/per buyer config=] :: The result of running [=parse per buyer auction data configs=] on |configIDL|["{{AdAuctionDataConfig/perBuyerConfig}}"] - 1. If |config|'s [=auction data config/seller=] or [=auction data config/coordinator=] - fields are failure, then [=exception/throw=] a {{TypeError}}. 1. If |config|'s [=auction data config/per buyer config=] [=map/is not empty=] and |config|'s [=auction data config/request size=] is null: 1. Let |requestSize| be 0. @@ -3063,9 +3067,10 @@ The getInterestGroupAdAuctionData(|configIDL|) m 1. Let |configs| be a new [=ordered map=] whose [=map/keys=] are [=origins=] and whose [=map/values=] are [=auction data configs=]. 1. [=map/For each=] |buyerIDL| → |buyerConfigIDL| of |perBuyerConfigIDL|: - 1. Let |buyerConfig| be a new [=auction data buyer config=] with the following [=struct/items=]: - : [=auction data buyer config/size=] - :: |buyerConfigIDL|["{{AdAuctionDataBuyerConfig/targetSize}}"] if it [=map/exists=], null otherwise. + 1. Let |buyerConfig| be a new [=auction data buyer config=] whose + [=auction data buyer config/size=] is + |buyerConfigIDL|["{{AdAuctionDataBuyerConfig/targetSize}}"] if it + [=map/exists=], null otherwise. 1. Let |buyer| be the result of running [=parse an https origin=] on |buyerIDL|. 1. If |buyer| is failure, then [=exception/throw=] a {{TypeError}}. 1. [=map/Set=] |configs|[|buyer|] to |buyerConfig|. From aa50ea5126205a0b9c2ae435de11c36a3be827a1 Mon Sep 17 00:00:00 2001 From: Russ Hamilton Date: Thu, 26 Sep 2024 19:44:24 +0000 Subject: [PATCH 09/20] Address comments --- spec.bs | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/spec.bs b/spec.bs index 86a388b58..857aa69f7 100644 --- a/spec.bs +++ b/spec.bs @@ -2969,8 +2969,9 @@ The getInterestGroupAdAuctionData(|configIDL|) m 1. [=list/For each=] |ig| of the [=user agent=]'s [=interest group set=]: 1. If |ig|'s [=interest group/ads=] is null or [=list/is empty=], [=iteration/continue=]. 1. Let |owner| be |ig|'s [=interest group/owner=]. - 1. If |config|["per buyer config"] [=map/is empty=] or - |config|["per buyer config"][|owner|] does not [=map/exist=], then [=iteration/continue=]. + 1. If |config|'s [=auction data config/per buyer config=] [=map/is empty=] or + |config|'s [=auction data config/per buyer config=][|owner|] does not + [=map/exist=], then [=iteration/continue=]. 1. If |igMap|[|owner|] does not [=map/exist=], then [=map/set=] |igMap|[|owner|] to a new [=list=]. 1. Let |ads| be a new [=list=]. 1. [=list/For each=] |ad| in |ig|'s [=interest group/ads=], [=list/append=] |ad|'s [=interest group ad/ad render ID=] to |ads|. @@ -3056,7 +3057,7 @@ The getInterestGroupAdAuctionData(|configIDL|) m 1. [=list/For each=] |buyerConfig| of |config|'s [=auction data config/per buyer config=]'s [=map/values=]: 1. If |buyerConfig|'s [=auction data buyer config/size=] is null, then [=exception/throw=] a {{TypeError}}. - 1. Set |requestSize| to |requestSize| + |buyerConfig|'s [=auction data buyer config/size=] + 1. Set |requestSize| to |requestSize| + |buyerConfig|'s [=auction data buyer config/size=]. 1. Set |config|'s [=auction data config/request size=] to |requestSize|. 1. Return |config|.
@@ -3067,8 +3068,8 @@ The getInterestGroupAdAuctionData(|configIDL|) m 1. Let |configs| be a new [=ordered map=] whose [=map/keys=] are [=origins=] and whose [=map/values=] are [=auction data configs=]. 1. [=map/For each=] |buyerIDL| → |buyerConfigIDL| of |perBuyerConfigIDL|: - 1. Let |buyerConfig| be a new [=auction data buyer config=] whose - [=auction data buyer config/size=] is + 1. Let |buyerConfig| be a new [=auction data buyer config=]. + 1. Set |buyerConfig|'s [=auction data buyer config/size=] to |buyerConfigIDL|["{{AdAuctionDataBuyerConfig/targetSize}}"] if it [=map/exists=], null otherwise. 1. Let |buyer| be the result of running [=parse an https origin=] on |buyerIDL|. From 54e8bfd455ceba0154d9c77f694fc211d23adab0 Mon Sep 17 00:00:00 2001 From: Russ Hamilton Date: Fri, 27 Sep 2024 14:18:21 +0000 Subject: [PATCH 10/20] Add domintro for AdAuctionDataConfig --- spec.bs | 38 +++++++++++++++++++++++++++++++++----- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/spec.bs b/spec.bs index 857aa69f7..adc5451d9 100644 --- a/spec.bs +++ b/spec.bs @@ -2862,23 +2862,51 @@ partial interface Navigator { Promise getInterestGroupAdAuctionData(AdAuctionDataConfig config); }; +dictionary AdAuctionData { + required Uint8Array request; + required USVString requestId; +}; + + + dictionary AdAuctionDataConfig { required USVString seller; required USVString coordinatorOrigin; unsigned long requestSize; record<USVString, AdAuctionDataBuyerConfig> perBuyerConfig; }; + + +
+
{{AdAuctionDataConfig/seller}} +
The seller that will be used as the {{AuctionAdConfig/seller}} in the + following {{AuctionAdConfig}} passed to {{Window/navigator}}.{{Navigator/runAdAuction()}}. +
{{AdAuctionDataConfig/coordinatorOrigin}} +
The origin of the coordinator hosting public encryption keys for the server + running the ad auction. The [=origin/scheme=] must be "`https`". An implementation + may select which coordinators are acceptable. +
{{AdAuctionDataConfig/requestSize}} +
The desired size for the returned response. If any buyers are specified in + the per-buyer config, this will be the exact size of the returned request. + Otherwise the returned request will be at most the + {{AdAuctionDataConfig/requestSize}}. +
{{AdAuctionDataConfig/perBuyerConfig}} +
A [=map=] +
+ dictionary AdAuctionDataBuyerConfig { unsigned long targetSize; }; - -dictionary AdAuctionData { - required Uint8Array request; - required USVString requestId; -}; +
+
{{AdAuctionDataBuyerConfig/targetSize}} +
The size of the request to allocate for this buyer. Required when + {{AdAuctionDataConfig}}'s {{AdAuctionDataConfig/requestSize}} is not + specified. +
+ A server auction interest group is a [=struct=] with the following [=struct/items=]:
: name From 930b98a090324b7bf137ad90030d28bad3eca706 Mon Sep 17 00:00:00 2001 From: Russ Hamilton Date: Fri, 27 Sep 2024 14:20:11 +0000 Subject: [PATCH 11/20] Fix missing description --- spec.bs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/spec.bs b/spec.bs index adc5451d9..d89c5bd13 100644 --- a/spec.bs +++ b/spec.bs @@ -2891,7 +2891,8 @@ dictionary AdAuctionDataConfig { Otherwise the returned request will be at most the {{AdAuctionDataConfig/requestSize}}.
{{AdAuctionDataConfig/perBuyerConfig}} -
A [=map=] +
A [=map=] whose [=map/keys=] are [=origins=] are the buyers that should + be included in the returned request.
From 6a9eaf98af048159674007aaf467abea828bffea Mon Sep 17 00:00:00 2001 From: "Benjamin \"Russ\" Hamilton" <brusshamilton@gmail.com> Date: Fri, 27 Sep 2024 13:51:46 -0400 Subject: [PATCH 12/20] Apply suggestions from code review Co-authored-by: qingxinwu <6334674+qingxinwu@users.noreply.github.com> --- spec.bs | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/spec.bs b/spec.bs index d89c5bd13..38146d13d 100644 --- a/spec.bs +++ b/spec.bs @@ -2886,13 +2886,12 @@ dictionary AdAuctionDataConfig { running the ad auction. The [=origin/scheme=] must be "`https`". An implementation may select which coordinators are acceptable. <dt>{{AdAuctionDataConfig/requestSize}} - <dd>The desired size for the returned response. If any buyers are specified in - the per-buyer config, this will be the exact size of the returned request. - Otherwise the returned request will be at most the + <dd>The desired size for the returned {{AdAuctionData/request}}. If any buyers are specified in + {{AdAuctionDataConfig/perBuyerConfig}}, this will be the exact size of the returned {{AdAuctionData/request}}. + Otherwise the returned {{AdAuctionData/request}}'s size will be at most the {{AdAuctionDataConfig/requestSize}}. <dt>{{AdAuctionDataConfig/perBuyerConfig}} - <dd>A [=map=] whose [=map/keys=] are [=origins=] are the buyers that should - be included in the returned request. + <dd>[=map/keys=] are [=serialization of an origin|serialized origins=] of buyers that should be included in the returned request. </dl> <xmp class="idl"> From 91e9f957b38e4467b8c658b20f22388cbc0168ec Mon Sep 17 00:00:00 2001 From: Russ Hamilton <behamilton@google.com> Date: Fri, 27 Sep 2024 18:00:30 +0000 Subject: [PATCH 13/20] Describe values of {{AdAuctionDataConfig/perBuyerConfig}} --- spec.bs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/spec.bs b/spec.bs index 38146d13d..6362b8d0d 100644 --- a/spec.bs +++ b/spec.bs @@ -2891,7 +2891,9 @@ dictionary AdAuctionDataConfig { Otherwise the returned {{AdAuctionData/request}}'s size will be at most the {{AdAuctionDataConfig/requestSize}}. <dt>{{AdAuctionDataConfig/perBuyerConfig}} - <dd>[=map/keys=] are [=serialization of an origin|serialized origins=] of buyers that should be included in the returned request. + <dd>[=map/Keys=] are [=serialization of an origin|serialized origins=] of + buyers that should be included in the returned request. [=map/Values=] are + {{AdAuctionDataBuyerConfig}} for that buyer. </dl> <xmp class="idl"> From 23cd2c6bef8ad6a7c893944990a30ffe499564c1 Mon Sep 17 00:00:00 2001 From: Russ Hamilton <behamilton@google.com> Date: Fri, 27 Sep 2024 19:06:42 +0000 Subject: [PATCH 14/20] Fix filtering logic --- spec.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec.bs b/spec.bs index 6362b8d0d..830a8ab7f 100644 --- a/spec.bs +++ b/spec.bs @@ -2999,7 +2999,7 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m 1. [=list/For each=] |ig| of the [=user agent=]'s [=interest group set=]: 1. If |ig|'s [=interest group/ads=] is null or [=list/is empty=], [=iteration/continue=]. 1. Let |owner| be |ig|'s [=interest group/owner=]. - 1. If |config|'s [=auction data config/per buyer config=] [=map/is empty=] or + 1. If |config|'s [=auction data config/per buyer config=] [=map/is not empty=] and |config|'s [=auction data config/per buyer config=][|owner|] does not [=map/exist=], then [=iteration/continue=]. 1. If |igMap|[|owner|] does not [=map/exist=], then [=map/set=] |igMap|[|owner|] to a new [=list=]. From ff4b6251eab5f274ba4d84dcd465799a1fdc8e35 Mon Sep 17 00:00:00 2001 From: Russ Hamilton <behamilton@google.com> Date: Fri, 27 Sep 2024 20:02:48 +0000 Subject: [PATCH 15/20] rephrase --- spec.bs | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/spec.bs b/spec.bs index 830a8ab7f..eee178f58 100644 --- a/spec.bs +++ b/spec.bs @@ -2985,10 +2985,11 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m [=reject=] |p| with a {{TypeError}}. 1. Abort these steps. 1. Let |key| be a [=byte sequence=] containing one of the [[RFC9180|HPKE]] public - encryption keys that the coordinator corresponding to |config|'s [=auction data config/coordinator=] - associates with |config|'s [=auction data config/seller], or failure if no - key is available. The actual method for this lookup is - [=implementation-defined=], and may consist of fetching the keys from a known [=URL=]. + encryption keys for |config|'s [=auction data config/seller] as determined + by the coordinator specified in |config|'s + [=auction data config/coordinator=], or failure if no key is available. The + actual method for this lookup is [=implementation-defined=], and may + consist of fetching the keys from a known [=URL=]. 1. If |key| is failure then: 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to [=reject=] |p| with a {{TypeError}}. From d38c4f77a18d28c7d8eb2ff28f3876ff83b39361 Mon Sep 17 00:00:00 2001 From: Russ Hamilton <behamilton@google.com> Date: Mon, 30 Sep 2024 21:05:14 +0000 Subject: [PATCH 16/20] Address comments --- spec.bs | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/spec.bs b/spec.bs index f2d05adb9..40adc7df9 100644 --- a/spec.bs +++ b/spec.bs @@ -3201,11 +3201,10 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m [=reject=] |p| with a {{TypeError}}. 1. Abort these steps. 1. Let |key| be a [=byte sequence=] containing one of the [[RFC9180|HPKE]] public - encryption keys for |config|'s [=auction data config/seller] as determined - by the coordinator specified in |config|'s - [=auction data config/coordinator=], or failure if no key is available. The - actual method for this lookup is [=implementation-defined=], and may - consist of fetching the keys from a known [=URL=]. + encryption keys for |config|'s [=auction data config/seller=] as determined + by |config|'s [=auction data config/coordinator=], or failure if no key is + available. The actual method for this lookup is [=implementation-defined=], + and may consist of fetching the keys from a known [=URL=]. 1. If |key| is failure then: 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to [=reject=] |p| with a {{TypeError}}. @@ -7675,7 +7674,7 @@ An <dfn>auction data config</dfn> is a [=struct=] with the following [=struct/it running the ad auction. The [=origin/scheme=] must be "`https`". : <dfn>encryption key</dfn> :: A [=byte sequence=]. The public [[RFC9180|HPKE]] encryption key to be used - to construct the request. + to encrypt the request. : <dfn>request size</dfn> :: {{unsigned long}} or null. An optional field, containing the desired size for the returned encrypted request blob. From 935b5f8dd54ec96627fca1f89d45bc081e93d19c Mon Sep 17 00:00:00 2001 From: Russ Hamilton <behamilton@google.com> Date: Tue, 1 Oct 2024 16:24:28 +0000 Subject: [PATCH 17/20] rephrase and add key id --- spec.bs | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/spec.bs b/spec.bs index 40adc7df9..adc222a70 100644 --- a/spec.bs +++ b/spec.bs @@ -3200,9 +3200,10 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to [=reject=] |p| with a {{TypeError}}. 1. Abort these steps. - 1. Let |key| be a [=byte sequence=] containing one of the [[RFC9180|HPKE]] public - encryption keys for |config|'s [=auction data config/seller=] as determined - by |config|'s [=auction data config/coordinator=], or failure if no key is + 1. Let |key|,|key id| be a [=byte sequence=] containing one of the [[RFC9180|HPKE]] public + encryption keys for |config|'s [=auction data config/seller=] and its + corresponding key id as determined by |config|'s + [=auction data config/coordinator=], or failure if no key is available. The actual method for this lookup is [=implementation-defined=], and may consist of fetching the keys from a known [=URL=]. 1. If |key| is failure then: @@ -3210,6 +3211,7 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m [=reject=] |p| with a {{TypeError}}. 1. Abort these steps. 1. Set |config|'s [=auction data config/encryption key=] to |key|. + 1. Set |config|'s [=auction data config/encryption key id=] to |key id|. 1. Let |igMap| be a new [=map=] whose [=map/keys=] are [=origins=] and [=map/values=] are [=lists=]. 1. Let |startTime| be a [=moment=] equal to the [=current wall time=]. 1. [=list/For each=] |ig| of the [=user agent=]'s [=interest group set=]: @@ -7675,6 +7677,8 @@ An <dfn>auction data config</dfn> is a [=struct=] with the following [=struct/it : <dfn>encryption key</dfn> :: A [=byte sequence=]. The public [[RFC9180|HPKE]] encryption key to be used to encrypt the request. + : <dfn>encryption key id</dfn> + :: An {{octet}} containing the key id corresponding to the [=auction data config/encryption key=]. : <dfn>request size</dfn> :: {{unsigned long}} or null. An optional field, containing the desired size for the returned encrypted request blob. From a7e1b5d6770cf26a83749a53bc9581bd05f6c7e0 Mon Sep 17 00:00:00 2001 From: Russ Hamilton <behamilton@google.com> Date: Tue, 1 Oct 2024 16:28:46 +0000 Subject: [PATCH 18/20] capitalize ID --- spec.bs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec.bs b/spec.bs index adc222a70..1bce0ca44 100644 --- a/spec.bs +++ b/spec.bs @@ -3202,7 +3202,7 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m 1. Abort these steps. 1. Let |key|,|key id| be a [=byte sequence=] containing one of the [[RFC9180|HPKE]] public encryption keys for |config|'s [=auction data config/seller=] and its - corresponding key id as determined by |config|'s + corresponding key ID as determined by |config|'s [=auction data config/coordinator=], or failure if no key is available. The actual method for this lookup is [=implementation-defined=], and may consist of fetching the keys from a known [=URL=]. @@ -7678,7 +7678,7 @@ An <dfn>auction data config</dfn> is a [=struct=] with the following [=struct/it :: A [=byte sequence=]. The public [[RFC9180|HPKE]] encryption key to be used to encrypt the request. : <dfn>encryption key id</dfn> - :: An {{octet}} containing the key id corresponding to the [=auction data config/encryption key=]. + :: An {{octet}} containing the key ID corresponding to the [=auction data config/encryption key=]. : <dfn>request size</dfn> :: {{unsigned long}} or null. An optional field, containing the desired size for the returned encrypted request blob. From 0fd127077fd587bd828849d3b4dc6107428c34ce Mon Sep 17 00:00:00 2001 From: Russ Hamilton <behamilton@google.com> Date: Tue, 1 Oct 2024 18:29:22 +0000 Subject: [PATCH 19/20] rephrase --- spec.bs | 34 ++++++++++++++++++++++------------ 1 file changed, 22 insertions(+), 12 deletions(-) diff --git a/spec.bs b/spec.bs index 1bce0ca44..f3ebe5527 100644 --- a/spec.bs +++ b/spec.bs @@ -3200,18 +3200,16 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to [=reject=] |p| with a {{TypeError}}. 1. Abort these steps. - 1. Let |key|,|key id| be a [=byte sequence=] containing one of the [[RFC9180|HPKE]] public - encryption keys for |config|'s [=auction data config/seller=] and its - corresponding key ID as determined by |config|'s - [=auction data config/coordinator=], or failure if no key is - available. The actual method for this lookup is [=implementation-defined=], - and may consist of fetching the keys from a known [=URL=]. - 1. If |key| is failure then: - 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to - [=reject=] |p| with a {{TypeError}}. - 1. Abort these steps. + 1. Let |keyInfo| be the result of [=looking up the server encryption key=] + with config|'s [=auction data config/seller=] and |config|'s + [=auction data config/coordinator=]. + 1. If |keyInfo| is failure: + 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to + [=reject=] |p| with a {{TypeError}}. + 1. Abort these steps. + 1. Let (|key|, |keyId|) be |keyInfo|. 1. Set |config|'s [=auction data config/encryption key=] to |key|. - 1. Set |config|'s [=auction data config/encryption key id=] to |key id|. + 1. Set |config|'s [=auction data config/encryption key id=] to |keyId|. 1. Let |igMap| be a new [=map=] whose [=map/keys=] are [=origins=] and [=map/values=] are [=lists=]. 1. Let |startTime| be a [=moment=] equal to the [=current wall time=]. 1. [=list/For each=] |ig| of the [=user agent=]'s [=interest group set=]: @@ -3326,6 +3324,18 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m 1. Return |configs|. </div> +<div algorithm> + To <dfn>look up the server encryption key</dfn> given an [=origin=] |seller| + and an [=origin=] |coordinator|: + 1. Let |keys| be a [=list=] of ([=byte sequence=], [=byte=]) pairs returned + from looking up the [[RFC9180|HPKE]] public key encryption keys and their + corresponding key IDs for |seller| specified by |coordinator|. The actual + implementation of this lookup is [=implementation-defined=], and may + consist of fetching the keys from a known [=URL=]. + 1. If |keys| is failure or |keys| [=list/is empty=], return failure. + 1. Return an element from |keys|, chosen at random. +</div> + # Reporting # {#reporting} ## {{InterestGroupBiddingAndScoringScriptRunnerGlobalScope/forDebuggingOnly}} ## {#for-debugging-only-header} @@ -7678,7 +7688,7 @@ An <dfn>auction data config</dfn> is a [=struct=] with the following [=struct/it :: A [=byte sequence=]. The public [[RFC9180|HPKE]] encryption key to be used to encrypt the request. : <dfn>encryption key id</dfn> - :: An {{octet}} containing the key ID corresponding to the [=auction data config/encryption key=]. + :: An [=byte=] containing the key ID corresponding to the [=auction data config/encryption key=]. : <dfn>request size</dfn> :: {{unsigned long}} or null. An optional field, containing the desired size for the returned encrypted request blob. From dabe1f8aaf38fb652703960bf0deee70956133d8 Mon Sep 17 00:00:00 2001 From: "Benjamin \"Russ\" Hamilton" <brusshamilton@gmail.com> Date: Tue, 1 Oct 2024 15:18:54 -0400 Subject: [PATCH 20/20] Apply suggestions from code review Co-authored-by: qingxinwu <6334674+qingxinwu@users.noreply.github.com> --- spec.bs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec.bs b/spec.bs index f3ebe5527..bff904be0 100644 --- a/spec.bs +++ b/spec.bs @@ -3201,7 +3201,7 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m [=reject=] |p| with a {{TypeError}}. 1. Abort these steps. 1. Let |keyInfo| be the result of [=looking up the server encryption key=] - with config|'s [=auction data config/seller=] and |config|'s + with |config|'s [=auction data config/seller=] and |config|'s [=auction data config/coordinator=]. 1. If |keyInfo| is failure: 1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to @@ -7688,7 +7688,7 @@ An <dfn>auction data config</dfn> is a [=struct=] with the following [=struct/it :: A [=byte sequence=]. The public [[RFC9180|HPKE]] encryption key to be used to encrypt the request. : <dfn>encryption key id</dfn> - :: An [=byte=] containing the key ID corresponding to the [=auction data config/encryption key=]. + :: A [=byte=] containing the key ID corresponding to the [=auction data config/encryption key=]. : <dfn>request size</dfn> :: {{unsigned long}} or null. An optional field, containing the desired size for the returned encrypted request blob.