zlacker

[return to "Unpacking Google’s Web Environment Integrity specification"]
1. jfoutz+KA1[view] [source] 2023-07-26 17:59:22
>>dagurp+(OP)
This kinda seems like a fantastic way to implement micro payments. The site owner sets up a attestor that knows they’ve paid.

I hate Wei in general, but it really could open up control over bots and paid access.

◧◩
2. wbobei+sC1[view] [source] 2023-07-26 18:05:37
>>jfoutz+KA1
There is no reason that can't be done with existing web technology, WEI does not advance that use case in any meaningful way.
◧◩◪
3. jfoutz+WF1[view] [source] 2023-07-26 18:18:20
>>wbobei+sC1
It provides a uniform service for ensuring a client has desired properties.

That’s kinda tricky to do well. Traffic for monitoring, you can do with a jwt, but like, enabling chunked transfer in python request lib is a problem you discover. An array of attestors could guarantee feature sets.

◧◩◪◨
4. nobody+4U1[view] [source] 2023-07-26 19:10:53
>>jfoutz+WF1
>It provides a uniform service for ensuring a client has desired properties.

I see that as a downside, not a benefit -- who decides whether or not a client (i.e., my software running on my hardware) has those "desired properties" and what might those properties be?

[go to top]