Commit f916671b authored by Sam Drew

First round of fixes to address review comments

parent 9bda2b8b
+9 −11
@@ -152,7 +152,7 @@ For the purposes of the present document, the terms given in Regulation (EU) 202
: list of eTLDs, where the url suffix may be shared by independent tenants

**third-party cookies**
: cookies not keyed to a site other than the top-level site
: cookies keyed to a site other than the top-level site

## 3.2 Symbols
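
Review bot: in the corrected definition of **third-party cookies**, "keyed to" is the same wording REQ-STORE-CON-3 uses for cache partitioning ("keyed to both top-level site and resource"), so a reader cannot tell whether a cookie that is additionally partitioned by the top-level site still counts as third-party. Suggest defining the term by the site the cookie belongs to, for example "cookies belonging to a site other than the top-level site", and reserving "keyed" for partitioning.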

@@ -450,11 +450,11 @@ Example: Permissions divided such that an extension can request and access the m

**[REQ-EXT-AAC-6]**: The product shall ensure isolation between the execution and data contexts of different extensions.

**[REQ-STORE-ACC-1]** The product shall store data and enforce access according to the Same-Origin-Policy.
**[REQ-STORE-ACC-1]** The product shall store data and enforce access according to the Same Origin Policy.

**[REQ-STORE-ACC-2]** For non-cookie data, the product shall only expose data to a given origin that was either (i) stored while visiting that origin, or (ii) with user interaction to indicate intent to provide information (eg form autofill).

**[REQ-STORE-ACC-3]** The product shall enforce Same-Origin-Policy access control for storage data outside rendering processes.
**[REQ-STORE-ACC-3]** The product shall enforce Same Origin Policy access control for storage data outside rendering processes.

**[REQ-STORE-ACC-4]** The product shall not share or make data available across browser profiles.
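
Review bot: "Same Origin Policy" in REQ-STORE-ACC-1 and REQ-STORE-ACC-3 drops both hyphens, but the compound modifier is normally written "same-origin policy"; suggest that spelling in both lines. The REQ-STORE-ACC identifiers also lack the colon that REQ-EXT-AAC-6 carries after the closing bracket, and "eg form autofill" in REQ-STORE-ACC-2 does not match the "e.g.," used in REQ-STORE-LOG-1.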

@@ -485,13 +485,13 @@ Example: Implementation of HSTS [i.8], active mixed content blocking [i.9], and

**[REQ-EXT-CON-1]**: The product shall prevent secrets stored by extensions from being read by other extensions or by web content.

[REQ-STORE-CON-1] The product shall not send third-party cookies by default. They may be supported consistent with the `Partitioned` attribute.
**[REQ-STORE-CON-1]** The product shall not send third-party cookies by default. They may be supported consistent with the `Partitioned` attribute.

NOTE: The product can provide users the ability to share third-party cookies, whether on a case-by-case basis through interaction as in Storage Access API or throughout their browser profile through configuration.

[REQ-STORE-CON-2] The product shall make use of OS access control, encryption methods or other mechanisms to ensure confidentiality of disk-stored data.
**[REQ-STORE-CON-2]** The product shall make use of OS access control, encryption methods or other mechanisms to ensure confidentiality of disk-stored data.

[REQ-STORE-CON-3] The product shall store browser cache data such that they are keyed to both top-level site and resource.
**[REQ-STORE-CON-3]** The product shall store browser cache data such that they are keyed to both top-level site and resource.

## 5.7 Integrity
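
Review bot: in REQ-STORE-CON-1 the sentence "They may be supported consistent with the `Partitioned` attribute" leaves the exception untestable, since it does not say which cookies may be sent or in which context. Suggest naming the subject and the condition explicitly, for example that third-party cookies set with the `Partitioned` attribute may be sent, if that is the intent. The newly bolded REQ-STORE-CON identifiers still lack the colon used by REQ-EXT-CON-1.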

@@ -520,9 +520,7 @@ This clause addresses the requirements in the CRA [\[i.1\]](#_ref_i.1) Annex 1 P

**[REQ-EXT-AP-1]**: The product shall make the best effort to prevent the ability of an extension to make the product unavailable.

**[REQ-STORE-AVA-1]** The product shall make use of data stored to disk for state recovery in case of a crash.

Applicability: Where the product and browser profile use storage persisted to disk.
**[REQ-STORE-AVA-1]** The product shall retain data stored to disk in case of a crash and make it available upon browser restart.

## 5.10 Impact Minimisation
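
Review bot: removing the Applicability line makes REQ-STORE-AVA-1 unconditional, yet the rewritten text still only makes sense "where the product and browser profile use storage persisted to disk". Suggest keeping that condition, either as the Applicability line or folded into the requirement, so profiles without disk-persisted storage are clearly out of scope.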

@@ -571,7 +569,7 @@ This clause addresses the requirements in the CRA [\[i.1\]](#_ref_i.1) Annex 1 P

**[REQ-EXT-LOG-1]**: The product shall provide the user the ability to identify running extensions, and to observe their activity.

**[REQ-STORE-LOG-1]** The product shall provide an interface for viewing stored data at a granularity of site or narrower (e.g., origin)
**[REQ-STORE-LOG-1]** The product shall provide an interface for viewing information about stored data at a granularity of site or narrower (e.g., origin).

## 5.14 Data Removal and Transparency
Proposed ESR code: DRT
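
Review bot: "information about stored data" in REQ-STORE-LOG-1 is weaker than the previous "stored data" and does not say what information is the minimum. Suggest listing it (for example which sites or origins hold data and of what type) so the requirement can be assessed.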
@@ -588,7 +586,7 @@ Applicability: Web browsers which allow changing TLS-related settings.

**[REQ-STORE-DRT-2]** The product shall provide reset functionality that removes all stored data across all sites and browser profiles.

**[REQ-STORE-DRT-3]** The product shall have an interface for deleting storage at a granularity of site or narrower (e.g., origin)
**[REQ-STORE-DRT-3]** The product shall have an interface for deleting storage at a granularity of site or narrower (e.g., origin).

## 5.15 Vulnerability Handling
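
Review bot: REQ-STORE-DRT-3 says "deleting storage" while REQ-STORE-DRT-2 and REQ-STORE-LOG-1 say "stored data"; suggest "deleting stored data" so the three requirements use one term.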