Closed lcslima closed 4 months ago
Unfortunately it appears your key commitment endpoint has a "CERT_COMMON_NAME_INVALID" error (likely due to a misconfigured certificate, it seems to be presenting a certificate for azureedge.net rather than pst-issuer.clearsale.com.br) and we are unable to verify the contents of the key commitment.
Please let us know once that's been fixed and we'll take another look.
Hello,
I hope you are well.
We made the correction, can you check?
Thanks
The content looks good, however one of the changes that landed since the origin trial was to require an "application/pst-issuer-directory" content-type/media-type on the key commitments (https://github.com/WICG/trust-token-api/blob/main/spec.bs#L183) to confirm that they're intended to be interpreted as key commitments.
Let me know when you've updated the endpoint and we can rerun the configuration.
Hello,
Update complete, can you confirm we are now compliant?
Thanks!
Your keys have been successfully parsed, they should be available in Chrome via component updater in approximately 4 hours (you can force an update by going to chrome://components/ and hitting "Check for update" under Trust Token Key Commitments).
Issuer Name
Clearsale Anti Fraud
Origin
https://pst-issuer.clearsale.com.br
Contact Email
suporte.behavior@clear.sale
Key Commitment Endpoint URL
https://pst-issuer.clearsale.com.br/.well-known/private-state-token/key-commitment
Purpose
Summary: Private State Token issuer request - Clearsale Anti Fraud Description: Clearsale Anti Fraud to detect invalid devices Issuer Name : Clearsale Anti Fraud Origin : https://pst-issuer.clearsale.com.br Contact: suporte.behavior@clear.sale Key Commitment Endpoint URL: https://pst-issuer.clearsale.com.br/.well-known/private-state-token/key-commitment Purpose: Detect invalid devices
Disclosure and Acknowledgement