Alex Turner
The length of the payload's plaintext may inadvertently reveal details about its contents (e.g. the number of contributions). To protect against leaking this through the encrypted payload, we may want...
AEAD (Authenticated Encryption with Associated Data) involves a bytestring being provided at encryption time. That exact same bytestring must be provided at decryption time for it to be successful. Certain...
Currently, aggregate attribution reports are [encoded with JSON](https://github.com/WICG/conversion-measurement-api/blob/main/AGGREGATE.md#aggregate-attribution-reports). Given that they contain binary data (the encrypted payloads) and large integers (~2^41, for timestamps), it may be preferable to use [CBOR](https://cbor.io)....
The [aggregate explainer](https://github.com/WICG/conversion-measurement-api/blob/main/AGGREGATE.md#aggregate-attribution-reports) specifies that each helper origin should publish public keys for encrypting report payloads at `/.well-known/aggregation-service/keys.json`. The format of this should be specified.
This concept appears in the HTML spec (https://html.spec.whatwg.org/multipage/common-microsyntaxes.html#unique-values), but is not exported and could be useful elsewhere. Brief discussion here: https://github.com/patcg-individual-drafts/private-aggregation-api/pull/51#discussion_r1213770892
Hi! I noticed a slight disparity between the conditional abort definition and example: https://infra.spec.whatwg.org/#algorithm-conditional-abort. The definition's prose indicates that the "If aborted" step must be run if any steps were...