Jump to content

Web Environment Integrity

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Tali64^2 (talk | contribs) at 00:43, 3 August 2023 (Criticism). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Web Environment Integrity (WEI) is an API proposal currently being developed for Google Chrome.

Proposal

The standard proposes an API for websites to get a digitally-signed token that contains the certifier's name and whether or not they deem the web client to be authentic. The stated goal is to only allow access to certain sites for human users instead of automated programs and "allow web servers to evaluate the authenticity of the device and honest representation of the software stack and the traffic from the device". Access to this API will not be allowed in non-secure (HTTP) contexts.[1]

Criticism

The proposal has drawn criticism for limiting general purpose computing and being against the open web, with some comparing WEI to digital rights management (DRM).[2][3]

Entity Date Opinion Comment
Mozilla 2023-07-25 Oppose Mozilla opposes this proposal because it contradicts our principles and vision for the Web.[4]
World Wide Web Consortium 2023-07-25 Oppose not compatible with the vision of an open web platform that empowers users and developers.[5][disputeddiscuss]
Vivaldi 2023-07-27 Oppose dangerous[6]
Free Software Foundation 2023-07-29 Oppose all-out attack on the free Internet[7]
Brave Software 2023-07-31 Oppose We won't be shipping WEI support, just as we disable or otherwise nullify lots of other junk that Google puts into Chromium.[8]
Apple Unknown
Microsoft Unknown

Chris Palmer, a former Google engineer, expressed concerns about the API's effect on the openness of the web as a mainstream application platform and called for its retraction. [9]

References

  1. ^ "Web-Environment-Integrity/explainer.md at main · RupertBenWiser/Web-Environment-Integrity". GitHub. Retrieved 2023-07-26.
  2. ^ Amadeo, Ron (2023-07-24). "Google's nightmare "Web Integrity API" wants a DRM gatekeeper for the web". Ars Technica. Retrieved 2023-07-26.
  3. ^ Claburn, Thomas. "Google Web Environment Integrity draft draws developer rage". The Register. Retrieved 2023-07-26.
  4. ^ "Request for Position: Web Environment Integrity API · Issue #852 · mozilla/standards-positions". GitHub. Retrieved 2023-07-26.
  5. ^ Parker, Leo (2023-07-25). "Google's Web Integrity API: A DRM nightmare for the web?". Trendy Digests. Retrieved 2023-07-27.
  6. ^ "Unpacking Google's new "dangerous" Web-Environment-Integrity specification". Vivaldi Browser. 2023-07-25. Retrieved 2023-07-26.
  7. ^ ""Web Environment Integrity" is an all-out attack on the free Internet". Free Software Foundation. 2023-07-28. Retrieved 2023-07-28.
  8. ^ Brinkmann, Martin (31 July 2023). "Brave Browser won't support Google's Web Environment Integrity API". ghacks.net. Retrieved 31 July 2023.
  9. ^ "Former Google Engineer Speaks Out Against Controversial Web Environment Integrity API Proposal". Techtsp. 2023-07-29. Retrieved 2023-07-29.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Web_Environment_Integrity&oldid=1168479718"