• @[email protected]
    link
    fedilink
    2
    edit-2
    1 year ago

    Even if it does implement WEI, it still won’t pass validation. Each website will have its own list of approved software configurations, and you’ll be lucky if your bank/doctor/government even allows you to use a Mac, let alone your favorite distro’s builds of Firefox and Linux.

    • fsniper
      link
      fedilink
      11 year ago

      I rechecked the current spec. It does not fully cover what a user agent can ask to the attestor ( “content binding” to be defined). So we can assume this attestation spec is defined at the attestor.

      Of course this does not mean attestor can not have different profiles to attest for.

      So your comment even though is possible, just not defined yet. Which we can - I believe - rightfully assume will be in the final spec or implementation.

      • @[email protected]
        link
        fedilink
        21 year ago

        That’s even worse. Websites will trust only Microsoft, Apple, and Google. Those of us who value our security enough to install Linux will be left out in the cold. We’ll be such a small minority that no one ever cares enough to give up on attestation. The pressure will cause our numbers to dwindle to nothing as people flee to proprietary platforms in order to avoid losing access to their bank/doctor/government. All hail the eternal compulsory corporate triopoly.

        • fsniper
          link
          fedilink
          21 year ago

          For now spec calls “holdbacks”, which are designed for this purpose. Attestors will fail randomly for a set percentage of the requests so this can’t be used as a whitelist. Surely this “holdbacks” will either be not implemented or dropped in no time by attestors.