Yahoo DSP is highly interested in the ability to receive the full URL to our K/V server for Protected Audience buying. This is a prerequisite for scaled adoption of Protected Audience by our customers (advertisers) and enables 2 critical use cases:

1. Contextual / brand safety classification: Yahoo DSP relies on pre-classifying web pages into content categories via offline scanning, and we use the resulting cached per-URL classification data in real time bidding. Our customers expect to configure their campaigns to include/exclude buying and/or modify bids based on content category.
2. Per-campaign site/URL lists: Yahoo DSP customers also expect to be able to restrict campaign delivery to an arbitrary subset of web sites according to domain or URL pattern.

Along with offline loading of per-URL classification data and campaign configuration data into the K/V server, we intend to create a user-defined function (in our K/V server) that would perform efficient filtering of eligible campaigns through trusted bidding signals. We would prefer to implement this as soon as possible within the existing client-side auction environment, as opposed to waiting for future availability of Bidding & Auction Services.

Per existing issue #892 we understand Chrome has considered making the URL available to a K/V server running in TEE mode over an encrypted request protocol. Yahoo DSP would prefer an opt-in feature that can be configured by the buyer only (corresponding to the first suggestion from @michaelkleber in issue #892- "Making it possible for an IG to pick a K/V server which the browser can be sure is running in a TEE"). Assuming that is made available in Chrome, Yahoo DSP would begin testing the capability by creating interest groups with the opt-in flag set and pointing to an instance of our K/V server configured appropriately (running in TEE mode with required encryption keys / attestation etc).