Thank you for the update and cleanup Ben. Also thank you very much for all your hard work trying to balance very difficult competing goals, engaging openly with constructive criticism and reevaluating the approach.
Personally, I'm still optimistic that we (the open web community) will find ways to reduce the harms of invalid traffic across the whole web. But, in terms of an immediate tractable step forward, the narrow focus for WebView outside Chromium makes a lot of sense to me. Despite the challenge, I welcome further open exploration, experimentation and respectful debate on the problem space. In fact, I expect it will be essential in the long run if we want the web on Android to have access to content available to native apps and browsers like Mobile Safari which already provide device integrity signals. IMHO It's only through this sort of a public process of exploration, debate and iterating on experiments that we'll ever find our way to healthy balances between conflicting goals of great importance to our user and developer constituencies. We designed the blink API process to be "safe to fail" because we know it's the only way to succeed at the most important hard problems long-term. Thank, Rick On Thu, Nov 2, 2023 at 3:56 PM 'Ben Wiser' via blink-dev < blink-dev@chromium.org> wrote: > Hey all, > > Thanks for your patience. After carefully considering all your feedback, > we’ve decided to no longer pursue the Web Environment Integrity proposal. > The Android team will instead be experimenting with a narrowly scoped > WebView only feature that won’t make it to web browsers. The full details > for that experiment as well as the unique WebView only challenges have been > published > <https://android-developers.googleblog.com/2023/11/increasing-trust-for-embedded-media.html> > to the Android Developers Blog. > > We've archived the WEI github repository > <https://github.com/RupertBenWiser/Web-Environment-Integrity> and will > revert all WEI > <https://chromium-review.googlesource.com/c/chromium/src/+/5001989> code > on Chromium. > > We’d like to also say thank you for all the feedback on the I2P on such a > complex topic. > > > On Thursday, September 21, 2023 at 3:10:51 PM UTC+1 Anton Bershanskyi > wrote: > >> Hello everyone, >> >> has there been any progress on Web environment integrity API since >> August? In particular: >> >> 1. Does Google still have aspirations to prototype this API? The >> Chrome Platform Status entry >> <https://chromestatus.com/feature/5796524191121408> specifies that >> there is "no active development". >> 2. If there are no plans to prototype this API, are there plans to >> remove the source code? >> 3. If there are plans to continue prototyping, are there any plans to >> address the following concerns? >> 1. Permission Policy integration to allow websites to delegate >> and/or restrict usage of this API to embeds? >> 2. Permission API (even without the UI) which wold allow user >> agents and/or end users to control this API? (Relevant bug for >> Android >> <https://bugs.chromium.org/p/chromium/issues/detail?id=1459011>) >> 3. Choice to partition/key WEI handles based on top-level origin >> alone or the top-level origin and the embed? (Relevant bug >> <https://bugs.chromium.org/p/chromium/issues/detail?id=1457957> >> mentions >> the conflict between handle scarcity and privacy implications of coarse >> partitioning on top-level origin alone.) Please note that this likely >> could >> be addressed via point 1, that is implementing Permission Policy >> integration with a default allow list of 'self' since then the >> top-level >> origin would delegate the access explicitly. >> >> Thank you. >> On Monday, May 8, 2023 at 6:30:30 PM UTC+3 Ben Wiser wrote: >> >>> Contact emails >>> >>> serg...@chromium.org, pb...@chromium.org, ryan...@google.com, >>> b...@chromium.org, erict...@chromium.org >>> Explainer >>> >>> >>> https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md >>> Specification >>> >>> We do not have a specification yet, however we expect to publish in the >>> near future both the considered implementation options for the web layer in >>> an initial spec, which we suspect are not very controversial, and an >>> explanation of our approach for issuing tokens, which we expect will spark >>> more public discussion, but is not directly a web platform component. We >>> are gathering community feedback through the explainer before we actively >>> develop the specification. >>> TAG Review >>> >>> Not filed yet. >>> Blink component >>> >>> Blink>Identity >>> <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EIdentity> >>> Summary >>> >>> This is a new JavaScript API that lets web developers retrieve a token >>> to attest to the integrity of the web environment. This can be sent to >>> websites’ web servers to verify that the environment the web page is >>> running on is trusted by the attester. The web server can use asymmetric >>> cryptography to verify that the token has not been tampered with. This >>> feature relies on platform level attesters (in most cases from the >>> operating system). >>> >>> This project was discussed in the W3C Anti-Fraud Community Group on >>> April 28th, and we look forward to more conversations in W3C forums in the >>> future. In the meantime, we welcome feedback on the explainer >>> <https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md> >>> . >>> Motivation >>> >>> This is beneficial for anti-fraud measures. Websites commonly use >>> fingerprinting techniques to try to verify that a real human is using a >>> real device. We intend to introduce this feature to offer an adversarially >>> robust and long-term sustainable anti-abuse solution while still protecting >>> users’ privacy. >>> Initial public proposal >>> >>> https://github.com/antifraudcg/proposals/issues/8 >>> Risks >>> >>> Interoperability and Compatibility >>> >>> We are currently working on the explainer and specification and are >>> working with the Anti-Fraud Community Group to work towards consensus >>> across the web community. The “attester” is platform specific so this >>> feature needs to be included on a per platform basis. We are initially >>> targeting mobile Chrome and WebView. >>> >>> Ergonomics >>> >>> See “How can I use web environment integrity? >>> <https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md#how-can-i-use-web-environment-integrity>” >>> in the explainer. Note that we are actively looking for input from the >>> anti-fraud community and may update the API shape based on this. We also >>> expect developers to use this API through aggregated analysis of the >>> attestation signals. >>> >>> Security >>> >>> See the “Challenges and threats to address >>> <https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md#challenges-and-threats-to-address>” >>> section of the explainer to see our current considerations. >>> >>> Will this feature be supported on all six Blink platforms (Windows, Mac, >>> Linux, ChromeOS, Android, and Android WebView)? >>> >>> We initially support this only for Android platforms (Android, and >>> Android WebView). This feature requires an attester backed by the target >>> platform so it will require active integration per platform. >>> >>> Is this feature fully tested by web-platform-tests >>> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%2F%2B%2Fmaster%2Fdocs%2Ftesting%2Fweb_platform_tests.md&data=04%7C01%7CAmanda.Baker%40microsoft.com%7C84c5e8a01bc1471e348f08d7c6b940f0%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637196371372857279%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C-1&sdata=M79bBRPkECK4YmZwW1JAdcqHCofWo6qpz3TFFwnvqB8%3D&reserved=0> >>> ? >>> >>> Web platform tests will be added as part of this work as part of the >>> prototyping. We will then feed those tests back into the specification. >>> >>> Requires code in //chrome? >>> >>> True >>> >>> Feature flag (until launch) >>> >>> --enable-features=WebEnvironmentIntegrity >>> >>> Link to entry on the Chrome Platform Status >>> >>> https://chromestatus.com/feature/5796524191121408 >>> >> -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/87ca941d-0eee-40ce-9a2a-65e12ae02437n%40chromium.org > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/87ca941d-0eee-40ce-9a2a-65e12ae02437n%40chromium.org?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAFUtAY-kXb9%2BcsiLO6Pn%2B-d_FRH8nfvNWgcQrW31ozYynbKCww%40mail.gmail.com.
