Apple already shipped attestation on the web, and we barely noticed

There’s been a lot of concern recently about the Web Environment Integrity proposal, developed by a selection of authors from Google, and apparently being prototyped in Chromium.

There’s good reason for anger here (though I’m not sure yelling at people on GitHub is necessarily the best outlet). This proposal amounts to attestation on the web, limiting access to features or entire sites based on whether the client is approved by a trusted issuer. In practice, that will mean Apple, Microsoft & Google.

Of course, Google isn’t the first to think of this, but in fact they’re not even the first to ship it. Apple already developed & deployed an extremely similar system last year, now integrated into MacOS 13, iOS 16 & Safari, called “Private Access Tokens“.

Ten bucks this bad thing Apple is already shipping will get far less attention than a proposal by Google.

7 Comments

  1. 2023-07-25 8:01 pm
  2. 2023-07-25 10:11 pm
    • 2023-07-25 10:40 pm
      • 2023-07-26 10:29 am
        • 2023-07-26 1:53 pm
          • 2023-07-27 12:57 am
          • 2023-07-27 3:20 am