Revision as of 21:15, 1 September 2023 edit M!dgard (talk \| contribs) 401 edits add "controversial" in lead: based on the near-unanimous rejection (see section "Reception") i consider it a violation of NPOV to keep this in a separate section ← Previous edit		Revision as of 12:14, 3 September 2023 edit undo Dtgriscom (talk \| contribs) Extended confirmed users 2,506 edits Wordsmithing Next edit →
Line 6: [[Image:Web Environment Integrity attestation - How it works.svg\|thumb\|480px\|[[Sequence diagram]] showing WEI attestation]] The draft proposes an API for websites to get a [[Digital signature\|digitally signed]] token that contains the certifier's name and whether or not they deem the web client to be authentic. The stated goal is for certain sites to only allow access to ~~certain sites for~~ human users instead of automated programs and "allow web servers to evaluate the authenticity of the device and honest representation of the software stack and the traffic from the device". Access to this API will not be allowed in non-secure ([[HTTP]]) contexts.<ref>{{Cite web \|title=Web-Environment-Integrity/explainer.md at main · RupertBenWiser/Web-Environment-Integrity \|url=https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md \|access-date=2023-07-26 \|website=GitHub \|language=en}}</ref> {{clear}}

Web Environment Integrity: Difference between revisions