Private State Token issuer request - Amazon ads issuer

[khemkasud]

Summary: Private State Token issuer request - Amazon ads issuer Description: Amazon ads issuer to detect invalid traffic Issuer Name : Amazon Ads issuer Origin : https://www.amazon.com Contact: amazon-ads-pst-issuer@amazon.com Key Commitment Endpoint URL: https://www.amazon.com/tt/k Purpose: Invalid traffic detection

Disclosure & Acknowledgement:

I understand the technical restrictions on key rotation frequency of 60 days in the PST API. I understand that my issuer registration will be valid for a period of six months after the key commitment is accepted, and that I will need to re-register in this repository following that six-month period. I understand that in the future renewing my registration for this API may have additional requirements, to reduce the risk of abuse by token issuers.

[dvorak42]

The content looks good, however one of the changes that landed since the origin trial was to require an "application/pst-issuer-directory" content-type/media-type on the key commitments (https://github.com/WICG/trust-token-api/blob/main/spec.bs#L183) to confirm that they're intended to be interpreted as key commitments.

Let me know when you've updated the endpoint and we can rerun the configuration.

[khemkasud]

@dvorak42, thanks for pointing this. We have corrected the API.

[dvorak42]

Your keys have been successfully parsed, they should be available in Chrome via component updater in approximately 4 hours (you can force an update by going to chrome://components/ and hitting "Check for update" under Trust Token Key Commitments).