[Note: This issue is related to the changes proposed in PR #91 and summarized on issue #92.]

We propose retiring the SameParty cookie attribute proposal and requiring calls to the Storage Access API to utilize set membership. This promotes active, rather than passive, cookie access grants, allowing browsers to make privacy-conscious access decisions on behalf of their users. The Storage Access API (or requestStorageAccess) is currently used by other browsers to facilitate cross-domain cookie access.

Can developers use requestStorageAccess (inside iframes, gated on user activation of iframe) to viably replace SameParty use cases? If not, will the rSA-for-site proposal be able to meet all of developers’ needs?