search

privacycg / private-click-measurement

Private Click Measurement
https://privacycg.github.io/private-click-measurement/
196 stars 8 forks source link

Naming for link attribute, report fields, and well-known locations for PCM fraud prevention with unlinkable tokens #73

Open johnwilander opened 3 years ago

johnwilander commented 3 years ago

We'd like to get feedback on these name choices:

Link Attribute

attributionsourcenonce/attributionSourceNonce: This is the random nonce the click source provides so that subsequent requests for signing an unlinkable token can be done with knowledge of the context of the click even though the user has left the click source webpage.

Example: <a href="https://shop.example" attributionsourceid="55" attributeon="https://shop.example" attributionsourcenonce="ABCDEFabcdef0123456789">Link to be measured</a>

Well-Known Locations

/.well-known/private-click-measurement/sign-unlinkable-token/: This is the well-known location where the browser sends an unlinkable token together with the attribution source nonce to get a token signature.

/.well-known/private-click-measurement/get-token-public-key/: This is the well-known location where the browser fetches the public key associated with the private key used for signing tokens. Note that this key is associated with signatures that validate both unlinkable and secret tokens.

Attribution Report Fields

source_secret_token: This field in the JSON report will contain the secret token associated with the unlinkable token signed by the click source. Note that the source prefix is needed here to allow for a similar token from the attribute-on website.

source_secret_token_signature: This field in the JSON report will contain the secret token signature associated with the unlinkable token signature from the click source. Note that the source prefix is needed here to allow for a similar signature from the attribute-on website.

Example:

{
  "source_engagement_type": "click",
  "source_site": "https://news.example",
  "source_id": 55,
  "attributed_on_site": "https://shop.example",
  "trigger_data": 10,
  "source_secret_token": <encoded token>,
  "source_secret_token_signature": <encoded signature>,
  "version": 2
}
johnwilander commented 3 years ago

Ping @csharrison, @johannhof, @eligrey, @johnivdel, and @maudnals.

johnwilander commented 3 years ago

Now that we've changed the link attribute from attributeOn to attributionDestination, should we change the JSON key "attributed_on_site" to "destination_site"? It would be in harmony with "source_site".