Goals
Allow web servers to evaluate the authenticity of the device and honest representation of the software stack and the traffic from the device.
Offer an adversarially robust and long-term sustainable anti-abuse solution.
Don't enable new cross-site user tracking capabilities through attestation.
Continue to allow web browsers to browse the Web without attestation.
I wish I could go back in time to when we were all having giant debates about adding official DRM support to the spec for web video, and I wish that I could take all of the people saying "this would never be expanded to HTML, nobody is talking about adding DRM to prevent Javascript/HTML manipulation" and I wish I could slap those people in the face. In Minecraft I mean.
And then have a constructive conversation about how wrong they were.
2 comments
[ 2.9 ms ] story [ 16.6 ms ] threadhttps://rupertbenwiser.github.io/Web-Environment-Integrity/
https://github.com/RupertBenWiser/Web-Environment-Integrity/...
Goals Allow web servers to evaluate the authenticity of the device and honest representation of the software stack and the traffic from the device. Offer an adversarially robust and long-term sustainable anti-abuse solution. Don't enable new cross-site user tracking capabilities through attestation. Continue to allow web browsers to browse the Web without attestation.
And then have a constructive conversation about how wrong they were.