Confused on first party isolation and FF85 network partitioning

[glitsj16]

Hi, I have been looking at FPI here, which suggests Mozilla refactored its 'first party isolation' concept and now implements it via two components:

• network partitioning
  • privacy.partition.network_state (defaults to true in FF85)
• dynamic FPI (dFPI)
  • network.cookie.cookieBehavior = 5 (Cross-site and social-media trackers, and isolate remaining cookies)

The referenced page comes with a BIG disclaimer stating that using the older user_pref("privacy.firstparty.isolate", true); will result in using the older FPI codebase and NOT the new concepts mentioned above (translated from the original German text).

After updating to FF85 (on Arch Linux) I started checking the above and tried playing with the relevant settings. My current arkenfox user.js is kept in sync with the version in this repo at all times. It sets privacy.firstparty.isolate to true and network.cookie.cookieBehavior to 1.

Does this imply FF is NOT using network partitioning? How does one even determine that?

A second point of confusion stems from the fact that there is no mention of this fifth option to network.cookie.cookieBehavior, nor about the need to reset privacy.firstparty.isolate to false if one wishes to use that (newly introduced?) fifth option:

/* 2701: disable 3rd-party cookies and site-data [SETUP-WEB]
 * 0=Accept cookies and site data, 1=(Block) All third-party cookies, 2=(Block) All cookies,
 * 3=(Block) Cookies from unvisited websites, 4=(Block) Cross-site and social media trackers (default)

Is this all premature? Is it an oversight in the updates for FF85? My own lack of understanding? Are there any plans to update this info on FPI settings in arkenfox? In short, any clarification on these FPI changes would be very welcome.

[Svallinn]

I'd suggest reading issue #1103, and after that follow the link to issue #1051 (if you don't want to read the whole thing and just want Pants' clarification on that particular question, go to this comment)