Currently, coordinator services are built and integrated for the platform they serve TEE based workloads on
— AWS coordinator services serve AWS Nitro Enclave based workloads, Google Cloud coordinator services serve
Google Cloud Confidential Space based workloads.
We are seeking feedback on consolidating coordinator services into one cloud platform.
Integrating the coordinator services with one platform only will allow us to focus our engineering efforts on improving the stability, reliability and availability of currently offered coordinator services deployments as well as build the foundation to accelerate support for additional public clouds in the future. We anticipate a similar approach would also apply if we enable private clouds.
To clarify, ad techs will continue to operate on their choice of supported cloud (AWS workloads will stay on AWS, GCP workloads will stay on GCP), this change would only impact the coordinator services where the cryptographic keys are held and the aggregatable report accounting ledger (relevant only for Aggregation Service) is operated. We will continue to split the operation of the coordinator services between Google and an independent third party.
The following considerations will need to be taken into account:
- workloads that are running on a platform distinct to the platform of the coordinator services will have an added cross platform dependency
- we deem request latency increases as minimal (current privacy sandbox service have limited dependencies on coordinator services in the critical serving path); cost increases are also expected to be minimal
- focus to integrate coordinator services with one platform will allow us to invest in improving availability compared to the current platform specific implementations
- adding new cloud providers currently requires large engineering efforts to add integration of coordinator services on a new platform
Please share your feedback and any concerns on this proposal with us.
Currently, coordinator services are built and integrated for the platform they serve TEE based workloads on
— AWS coordinator services serve AWS Nitro Enclave based workloads, Google Cloud coordinator services serve
Google Cloud Confidential Space based workloads.
We are seeking feedback on consolidating coordinator services into one cloud platform.
Integrating the coordinator services with one platform only will allow us to focus our engineering efforts on improving the stability, reliability and availability of currently offered coordinator services deployments as well as build the foundation to accelerate support for additional public clouds in the future. We anticipate a similar approach would also apply if we enable private clouds.
To clarify, ad techs will continue to operate on their choice of supported cloud (AWS workloads will stay on AWS, GCP workloads will stay on GCP), this change would only impact the coordinator services where the cryptographic keys are held and the aggregatable report accounting ledger (relevant only for Aggregation Service) is operated. We will continue to split the operation of the coordinator services between Google and an independent third party.
The following considerations will need to be taken into account:
Please share your feedback and any concerns on this proposal with us.