Google’s plan is that, during a webpage transaction, the web server could require you to pass an “environment attestation” test before you get any data. At this point your browser would contact a “third-party” attestation server, and you would need to pass some kind of test. If you passed, you would get a signed “IntegrityToken” that verifies your environment is unmodified and points to the content you wanted unlocked. You bring this back to the web server, and if the server trusts the attestation company, you get the content unlocked and finally get a response with the data you wanted.
The web mercilessly mocked this idiotic proposal over the weekend, and rightfully so. This is an unadulterated, transparent attempt at locking down the web with DRM-like nonsense just to serve more targeted ads that you can’t block. This must not make its way into any browser or onto any server in any way, shape, or form. The less attention we give to this drivel, the better.