lautan@lemmy.ca to Technology@lemmy.worldEnglish · 1 年前Apple already shipped attestation on the web, and we barely noticedhttptoolkit.comexternal-linkmessage-square85fedilinkarrow-up1329arrow-down115cross-posted to: [email protected][email protected][email protected][email protected][email protected][email protected][email protected]
arrow-up1314arrow-down1external-linkApple already shipped attestation on the web, and we barely noticedhttptoolkit.comlautan@lemmy.ca to Technology@lemmy.worldEnglish · 1 年前message-square85fedilinkcross-posted to: [email protected][email protected][email protected][email protected][email protected][email protected][email protected]
minus-squarerealharo@lemm.eelinkfedilinkEnglisharrow-up18·1 年前Can you post any source at all that would back your claims? Or any technical details at all? Neither the actual proposal https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md#what-information-is-in-the-signed-attestation, nor the article itself seem to show that there would be a difference when it comes to privacy. The entire problem with this proposal is that it limits client choice, similar to how Google Play integrity API on Android restricts some apps from running on rooted/unlocked phones. That same problem obviously also exists in Apple’s implementation.
Can you post any source at all that would back your claims? Or any technical details at all?
Neither the actual proposal https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md#what-information-is-in-the-signed-attestation, nor the article itself seem to show that there would be a difference when it comes to privacy.
The entire problem with this proposal is that it limits client choice, similar to how Google Play integrity API on Android restricts some apps from running on rooted/unlocked phones.
That same problem obviously also exists in Apple’s implementation.