> This feature is largely bad for the web and the industry generally, like all attestation (see below).
> That said, it's not as dangerous as the Google proposal, simply because Safari isn't the dominant browser. Right now, Safari has around 20% market share in browsers (25% on mobile, and 15% on desktop), while Chrome is comfortably above 60% everywhere, with Chromium more generally (Brave, Edge, Opera, Samsung Internet, etc) about 10% above that.
> With Safari providing this, it can be used by some providers, but nobody can block or behave differently with unattested clients. Similarly, Safari can't usefully use this to tighten the screws on users - while they could refuse to attest old OS versions or browsers, it wouldn't make a significant impact on users (they might see statistically more CAPTCHAs, but little else).
> Chrome's usage is a larger concern. With 70+% of web clients using Chromium, this would become a major part of the web very quickly. With both Web Environment Integrity & Private Access Tokens, 90% of web clients would potentially be attested, and the "oh, you're not attested, let's treat you suspiciously" pressure could ramp up quickly.
----
It's bad that Safari is shipping attestation, but a big reason why Safari often gets a pass on negative features that Google doesn't get a pass on[0] is because Chrome has a 60% market share, many sites are tested only in Chrome, and Chrome's marketshare is only likely to grow in the future once we finally get Apple to finally allow alternate browsers on iOS. In contrast, Safari's marketshare is pretty much tied only to iOS and Mac, and they don't even have a monopoly on Mac.
Like it or not, it matters more when Chrome breaks the Internet.
I'm not saying we should ignore Safari (we definitely shouldn't), but if that "double standard" makes anyone upset, perhaps that's a good reason to break Google up and introduce more browser diversity. If Chrome didn't have a 60% marketshare over the entire web, it would be possible to extend more grace to the people proposing experimental features within Chrome.
The extra scrutiny and tougher standards, and even the lower leeway to make mistakes are partially consequences of being the dominant browser in the marketplace. I'm sorry, but the standards are higher when you're in a position where it's possible for you to break everything.
----
[0]: see Manifest V3, which is also based heavily on Safari's own adblocking restrictions, which are similarly harmful to adblockers but tend to get a lot less attention.
"Tired of seeing all those captchas? Get an iPhone or a MacBook."
If that bothers you, support browser competition and consider breaking up Google. I'm sorry, but it is a fact that it is more dangerous for Chrome to take harmful web positions than it is for Safari to take harmful web positions. That's just the consequence of having a browser monopoly, and Google has to live with that consequence.
Morality has nothing to do with it. I don't support attestation on Safari, but it matters more when Google does it. It's not "fair" because the market isn't fair, there is a dominant player and their actions matter more. Again, if that upsets you, get upset at the unreasonable power dynamics that Chrome has over the Internet. They are the reason for the extra scrutiny.