privacycg / storage-access

The Storage Access API
https://privacycg.github.io/storage-access/

Specify revocation of storage access through Clear-Site-Data #127

Closed johannhof closed 1 year ago

johannhof commented 1 year ago

We should specify how CSD interacts with SAA. Using Clear-Site-Data: cookies from an embedded context should probably clear storage access permissions as well. It's a bit unclear what happens when the top-level sends that header, but https://github.com/privacycg/storage-partitioning/issues/11#issuecomment-662932069 hints at the fact that we probably don't want to allow the 1P to clear storage access for an embedded 3P either.

Anyway, besides the privacy hygiene aspect, having the ability to reset their own storage access along with clearing cookies could also have some utility for embeddees.
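The following is an added example, not part of this issue or the Storage Access API spec. It parses a Clear-Site-Data header value (the real header is a comma-separated list of quoted directives such as "cookies", "storage" or "*") and models the policy proposed in the comment above: an embedded (third-party) context that sends Clear-Site-Data: "cookies" also drops its own storage-access grant under the current top-level site, while a top-level page sending the header does not clear an embedded third party's grant. The grant store, the `sender` classification and all sample origins are constructed for illustration; as the thread concludes later, browsers are not required to behave this way.

```javascript
// Added example (hypothetical model, not spec or browser behaviour).

// Clear-Site-Data value grammar: comma-separated quoted directives, e.g.
//   Clear-Site-Data: "cookies", "storage"
// Returns the set of directive names; unquoted junk is ignored.
function parseClearSiteData(headerValue) {
  const directives = new Set();
  const re = /"([^"]*)"/g;
  let m;
  while ((m = re.exec(headerValue)) !== null) {
    directives.add(m[1].trim());
  }
  return directives;
}

// Modelled decision from the proposal above:
//   - only a cookie-clearing CSD ("cookies" or "*") touches storage access;
//   - only the embedded context can revoke its own grant; a top-level
//     response never clears an embedded third party's grant.
// `sender` is 'embedded' or 'top-level' (assumed classification).
function shouldRevokeStorageAccess(directives, sender) {
  const clearsCookies = directives.has('cookies') || directives.has('*');
  if (!clearsCookies) return false;
  return sender === 'embedded';
}

// Minimal in-memory store keyed on (embeddee, top-level site), constructed
// to show the end-to-end effect of the policy.
class StorageAccessGrants {
  constructor() { this.grants = new Map(); }
  key(embeddee, topSite) { return `${embeddee}|${topSite}`; }
  grant(embeddee, topSite) { this.grants.set(this.key(embeddee, topSite), true); }
  has(embeddee, topSite) { return this.grants.has(this.key(embeddee, topSite)); }

  // Apply a response from `responder`, loaded in a page whose top-level
  // site is `topSite`. Returns true if a grant was actually removed.
  applyResponse(responder, topSite, headers) {
    const value = headers['clear-site-data'];
    if (!value) return false;
    const sender = responder === topSite ? 'top-level' : 'embedded';
    if (!shouldRevokeStorageAccess(parseClearSiteData(value), sender)) return false;
    // An embedded responder clears only its own grant under this top-level site.
    return this.grants.delete(this.key(responder, topSite));
  }
}

// Walk through both cases from the comment with constructed origins.
function demo() {
  const store = new StorageAccessGrants();
  store.grant('https://embed.example', 'https://site.example');

  // 1) The top-level site clears its cookies: the embed's grant survives.
  const topLevelClears = store.applyResponse('https://site.example', 'https://site.example',
    { 'clear-site-data': '"cookies", "storage"' });
  const stillGranted = store.has('https://embed.example', 'https://site.example');

  // 2) The embedded site clears its own cookies: its grant goes with them.
  const embeddedClears = store.applyResponse('https://embed.example', 'https://site.example',
    { 'clear-site-data': '"cookies"' });
  const afterEmbedded = store.has('https://embed.example', 'https://site.example');

  return { topLevelClears, stillGranted, embeddedClears, afterEmbedded };
}

console.log(demo());
```

Running `demo()` yields `topLevelClears: false, stillGranted: true, embeddedClears: true, afterEmbedded: false`, which is exactly the asymmetry the comment describes: the first party cannot reach into the third party's grant, but the third party can reset its own.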

annevk commented 1 year ago

I'm somewhat concerned about giving websites the ability to revoke permissions. It seems this could lead to a confusing user experience where the user ends up seeing the same dialog over and over.

johannhof commented 1 year ago

Ah yeah, this was discussed in #7, which I forgot to reference here. I didn't really understand your concern there, but I think I do now.

So, I can see the ability for buggy sites to cause a bad UX with this and I appreciate you bringing up that concern! I guess I'm somewhat wondering if this is a super cookie or similar privacy risk, where state that is cleared by the site (voluntarily, yes, still) isn't cleared after all because the site still has access to 3P cookies.

I guess there's a similar consideration when we say we don't allow 1Ps to clear 3Ps. I could see a compliance aspect to this where a site may want to make sure that they completely end exposure to any data, both partitioned and non-partitioned, and we make that difficult to achieve.

johannhof commented 1 year ago

We discussed this again among editors and the decision is to not do anything here right now, which means that there's no mandate to clear user storage access permissions via CSD.