Little late to the thread but I had a chat with Torne and we both agree
from the WebView side that deleting the cookies is the preferred option for
disabling the feature from our perspective.
The alternative of migrating partitioned cookies to 3PCs has these cons:
- Also not gated via finch
Hey all,
Thanks for your patience. After carefully considering all your feedback,
we’ve decided to no longer pursue the Web Environment Integrity proposal.
The Android team will instead be experimenting with a narrowly scoped
WebView only feature that won’t make it to web browsers. The full
@Rick, yes this might be what ultimately leads to the holdbacks being the
enforcement mechanism to protect non-attested traffic. The hesitancy in my
answers is just in case there is an awesome technical solution or approach
that we haven't thought of yet that could also help counter some of the
Hey Michaela, if I understand correctly, you’re proposing an integrity
check for user agents to run against websites? Let me know if I got that
right. It sounds like you’re proposing an integrity check in the opposite
direction from what the explainer
> This seems to create a large power for site owners to dictate & control
user behavior.
I want to be forthright in saying that I have the same concerns. For this
reason, it is an explicit goal in the explainer to "Continue to allow web
browsers to browse the Web without attestation." (ref
The contact email b...@chromium.org was added in error. That should be
bew...@chromium.org.
On Monday, May 8, 2023 at 4:30:30 PM UTC+1 Ben Wiser wrote:
> Contact emails
>
> serge...@chromium.org, pb...@chromium.org, ryanka...@google.com,
> b...@chromium.org, erictrou...@chromium.org
>
Contact emails
serge...@chromium.org, pb...@chromium.org, ryanka...@google.com,
b...@chromium.org, erictrou...@chromium.org
Explainer
https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md
Specification
We do not have a specification yet, however we expect to publish