Intent to Ship: Deprecate and Remove Digital Credential API support for unspecified exchange protocols
12 views
Skip to first unread message
Chromestatus
4:56 PM (2 hours ago) 4:56 PM
to blin...@chromium.org, ma...@chromium.org, rby...@chromium.org
Contact emails
rby...@chromium.org, ma...@chromium.orgExplainer
https://github.com/w3c-fedid/digital-credentials/issues/396Specification
https://w3c-fedid.github.io/digital-credentials/#protocols
Summary
The Digital Credentials API was originally designed to be an opaque pipeline for arbitrary exchange protocols. In November the FedID WG resolved to change this (https://github.com/w3c-fedid/digital-credentials/issues/396) so that the spec normatively referenced only a specific set of exchange protocols.
This feature tracks changing Chromium's implementation of the DC API to match such that requests for unspecified presentation and issuance protocols will fail vs. being passed through to Android.
Blink component
Blink>Identity>DigitalCredentialsWeb Feature ID
No information provided
Motivation
To align with a change to the spec which enables more credible privacy and security analysis of the API.
Initial public proposal
No information providedTAG review
No information provided
TAG review status
Not applicableGoals for experimentation
None
Risks
Interoperability and Compatibility
A UseCounter was added for unknown protocols in the DC API, it has fallen to essentially zero starting in April 2026: https://chromestatus.com/metrics/feature/timeline/popularity/5770
Looking at more detailed internal metrics, the exact value is not exactly zero and amounts to about 3% of all DC API calls (itself very rare). We believe this represents some limited testing by developers considering migrating from custom schemes to the DC API, no real deployments. But in order to avoid negatively impacting those developers we want to hold actual removal until the start of 2027. In order to reduce the risk of surprises we want to add a deprecation warning / report now.
Gecko: No signal (https://mozilla.github.io/standards-positions/#digital-credentials) Mozilla is officially negative on the DC API itself. In the FedID WG meeting for restricting the API to specified protocols only, Mozilla representatives argued in favor of the change.
WebKit: Shipped/Shipping (https://webkit.org/blog/17431/online-identity-verification-with-the-digital-credentials-api) Supports only the org-iso-mdoc protocol already
Web developers: No signals
Other signals:
WebView application risks
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
No information providedDebuggability
No information provided
Will this feature be supported on all six Blink platforms
(Windows, Mac, Linux, ChromeOS, Android, and Android WebView)?
YesIs this feature fully tested by web-platform-tests?
Yes
Covered by https://wpt.fyi/results/digital-credentials/get.https.html
Flag name on about://flags
#enable-experimental-web-platform-features
Finch feature name
DigitalCredentialsProtocolFilter
Rollout plan
Will ship enabled for all usersRequires code in //chrome?
FalseTracking bug
https://crbug.com/465006289Estimated milestones
| Shipping on desktop | 160 |
| DevTrial on desktop | 151 |
| Shipping on Android | 160 |
| DevTrial on Android | 151 |
| Shipping on WebView | 160 |
Anticipated spec changes
Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
No information providedLink to entry on the Chrome Platform Status
https://chromestatus.com/feature/6492906882990080?gate=5229137305403392
This intent message was generated by
Chrome Platform Status.
Reply all
Reply to author
Forward
0 new messages