Open abhisagw opened 6 months ago
Chrome fetches the key commitments and distributes them to Chrome clients through a mechanism called Component Updater. Chromium and some Chromium derivatives use a combination of the same components as deployed by Chrome or generate their own components.
You can check "chrome://components/" on Chrome (and similar pages on other browsers) to see if there's a "Trust Token Key Commitment" component installed. (the name is historical from when PST was originally called Trust Token).
As other browsers add more complete support for the API, they'll need to establish a process for getting the key commitments to the client, either through a component updater-style method or some other method.
Currently PST issuer registration is being done through this Google Chrome repository.
We are observing that for issuers registered through the above repository, tokens are getting issued not just on Google Chrome but across other Chromium family browsers (like Edge, Chromium) as well. Can you please help with the below queries regarding this: