From 59fec48eb3fd0d2568b03066d84dcd1032c2f25f Mon Sep 17 00:00:00 2001 From: Garrett Tanzer Date: Mon, 15 May 2023 15:44:54 -0400 Subject: [PATCH 1/6] Add note about pending configs --- spec.bs | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/spec.bs b/spec.bs index 61108b1e..f6545e00 100644 --- a/spec.bs +++ b/spec.bs @@ -410,6 +410,15 @@ A fenced frame config mapping has three submappings: configs=] +---------------------------------------------------------------------------------------------------- +Note: The purpose of pending configs is to enable config-generating APIs to resolve configs +asynchronously in a way that doesn't create timing side channels, i.e., the pending config is +returned to the web platform in a constant amount of time, before any computation whose duration +depends on cross-site data. Because the privacy of this depends on the web platform not being able +to discern when a pending config is finalized, it is important that all visibilities and values of +transparent fields do not change from the pending config to the finalized config, because they can +be inspected through {{FencedFrameConfig}}'s getters. + Each [=fenced frame config mapping=] has a maximum number of configs, which is implementation-defined. The [=fenced frame config mapping/maximum number of configs=] may be a nonnegative number or infinity. From 6c401265b9a76e88cc4c6448a75f15f0749d07a6 Mon Sep 17 00:00:00 2001 From: Garrett Tanzer Date: Mon, 15 May 2023 15:46:07 -0400 Subject: [PATCH 2/6] Oops --- spec.bs | 1 - 1 file changed, 1 deletion(-) diff --git a/spec.bs b/spec.bs index f6545e00..14df387a 100644 --- a/spec.bs +++ b/spec.bs 
@@ -410,7 +410,6 @@ A fenced frame config mapping has three submappings: configs=] ----------------------------------------------------------------------------------------------------- Note: The purpose of pending configs is to enable config-generating APIs to resolve configs asynchronously in a way that doesn't create timing side channels, i.e., the pending config is returned to the web platform in a constant amount of time, before any computation whose duration From 1616986dcf5f6b72b1f133351a173a927a1344cc Mon Sep 17 00:00:00 2001 From: Garrett Tanzer Date: Mon, 15 May 2023 15:47:59 -0400 Subject: [PATCH 3/6] Slight rephrase --- spec.bs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec.bs b/spec.bs index 14df387a..c30a8928 100644 --- a/spec.bs +++ b/spec.bs @@ -415,8 +415,8 @@ asynchronously in a way that doesn't create timing side channels, i.e., the pend returned to the web platform in a constant amount of time, before any computation whose duration depends on cross-site data. Because the privacy of this depends on the web platform not being able to discern when a pending config is finalized, it is important that all visibilities and values of -transparent fields do not change from the pending config to the finalized config, because they can -be inspected through {{FencedFrameConfig}}'s getters. +transparent fields do not change from the pending config to the finalized config, given that they +can be inspected through {{FencedFrameConfig}}'s getters. Each [=fenced frame config mapping=] has a maximum number of configs, which is implementation-defined. The [=fenced frame config mapping/maximum number of From e219d6520cce86678e1c26a9c75126974744db43 Mon Sep 17 00:00:00 2001 From: Dominic Farolino Date: Tue, 16 May 2023 07:14:13 -0400 Subject: [PATCH 4/6] Update spec.bs Really elaborate on frozen-ness --- spec.bs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/spec.bs b/spec.bs index c30a8928..82f84172 100644 
--- a/spec.bs +++ b/spec.bs @@ -416,7 +416,9 @@ returned to the web platform in a constant amount of time, before any computatio depends on cross-site data. Because the privacy of this depends on the web platform not being able to discern when a pending config is finalized, it is important that all visibilities and values of transparent fields do not change from the pending config to the finalized config, given that they -can be inspected through {{FencedFrameConfig}}'s getters. +can be inspected through {{FencedFrameConfig}}'s getters. Therefore, a {{FencedFrameConfig}} that +is created and exposed to the web platform is effectively immutable even if its underlying +{{FencedFrameConfig/config}} is technically "pending", and will asynchronously resolve later. Each [=fenced frame config mapping=] has a maximum number of configs, which is implementation-defined. The [=fenced frame config mapping/maximum number of From 2094ce3025186a61372ea7371d2886bc2d6f96eb Mon Sep 17 00:00:00 2001 From: Dominic Farolino Date: Tue, 16 May 2023 07:16:20 -0400 Subject: [PATCH 5/6] Update spec.bs --- spec.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec.bs b/spec.bs index 82f84172..635d0889 100644 --- a/spec.bs +++ b/spec.bs @@ -418,7 +418,7 @@ to discern when a pending config is finalized, it is important that all visibili transparent fields do not change from the pending config to the finalized config, given that they can be inspected through {{FencedFrameConfig}}'s getters. Therefore, a {{FencedFrameConfig}} that is created and exposed to the web platform is effectively immutable even if its underlying -{{FencedFrameConfig/config}} is technically "pending", and will asynchronously resolve later. +{{FencedFrameConfig/config}} is technically "pending", and will finish resolving completely later. Each [=fenced frame config mapping=] has a maximum number of configs, which is implementation-defined. The [=fenced frame config mapping/maximum number of 
From 78f5b0fc66fd14eec534b9447d353c77d664b32d Mon Sep 17 00:00:00 2001 From: Dominic Farolino Date: Tue, 16 May 2023 07:19:49 -0400 Subject: [PATCH 6/6] Fix build --- spec.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec.bs b/spec.bs index 635d0889..37ef4d8c 100644 --- a/spec.bs +++ b/spec.bs @@ -418,7 +418,7 @@ to discern when a pending config is finalized, it is important that all visibili transparent fields do not change from the pending config to the finalized config, given that they can be inspected through {{FencedFrameConfig}}'s getters. Therefore, a {{FencedFrameConfig}} that is created and exposed to the web platform is effectively immutable even if its underlying -{{FencedFrameConfig/config}} is technically "pending", and will finish resolving completely later. +[=fencedframeconfig/config=] is technically "pending", and will finish resolving completely later. Each [=fenced frame config mapping=] has a maximum number of configs, which is implementation-defined. The [=fenced frame config mapping/maximum number of
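Review bot: In [PATCH 1/6], the requirement that "all visibilities and values of transparent fields do not change from the pending config to the finalized config" is stated only inside a `Note:`, which is informative text, so nothing obliges an implementation to uphold the property that the timing argument depends on. Consider keeping the rationale in the note and stating the invariant normatively, for example as an assertion wherever a pending config is finalized. The added `+----` separator line above the note is stray and is removed again in 2/6; squashing the two would keep it out of the history.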
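Review bot: In [PATCH 4/6], "effectively immutable" in the added sentence claims more than the preceding sentence establishes: only the visibilities and the values of transparent fields are held fixed, while the underlying config is still pending and changes when it resolves. Suggest scoping the wording, e.g. "is immutable as far as its getters can observe", so readers do not conclude that non-transparent values are also frozen at creation.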
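Review bot: In [PATCH 5/6], the replacement "will finish resolving completely later" is redundant, since "finish" and "completely" say the same thing, and the comma before "and will" splits the predicate. Something like `is technically "pending" and will finish resolving later` reads more cleanly.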
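Review bot: In [PATCH 6/6], the switch from `{{FencedFrameConfig/config}}` to `[=fencedframeconfig/config=]` corrects a link that 4/6 introduced and 5/6 carried forward, so the series contains intermediate commits with the wrong link form. Folding this change into 4/6 would avoid that, and the subject "Fix build" could name the link that was wrong.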