lautan@lemmy.ca to Technology@lemmy.worldEnglish · 2 年前Apple already shipped attestation on the web, and we barely noticedhttptoolkit.comexternal-linkmessage-square87fedilinkarrow-up1331arrow-down115cross-posted to: technology@lemmy.worldtechnology@lemmy.world
arrow-up1316arrow-down1external-linkApple already shipped attestation on the web, and we barely noticedhttptoolkit.comlautan@lemmy.ca to Technology@lemmy.worldEnglish · 2 年前message-square87fedilinkcross-posted to: technology@lemmy.worldtechnology@lemmy.world
minus-square_number8_@lemmy.worldlinkfedilinkEnglisharrow-up6arrow-down1·2 年前is there any positive use case for it for the user at all?
minus-squareHello Hotel@lemmy.worldlinkfedilinkEnglisharrow-up14arrow-down1·2 年前No, its an alternate evil scheme to uniquely identify users and not bots. Replacing the phone number.
minus-squareSerinus@lemmy.worldlinkfedilinkEnglisharrow-up3·2 年前For sites that support it, you don’t have to fill out a captcha. Instead it transmits a list of running processes (or other, formerly private info).
minus-squareSirQuackTheDuck@lemmy.worldlinkfedilinkEnglisharrow-up1·2 年前^Instead it transmits a list of running processes (or other, formerly private info). No it doesn’t. Attestation is simply a cryptographicly signed “we trust this user is human” message.
minus-squareSirQuackTheDuck@lemmy.worldlinkfedilinkEnglisharrow-up1·2 年前Based on the spec. The token is simply a signature that can be checked at the issuing party (Apple for this news item).
is there any positive use case for it for the user at all?
No, its an alternate evil scheme to uniquely identify users and not bots. Replacing the phone number.
For sites that support it, you don’t have to fill out a captcha.
Instead it transmits a list of running processes (or other, formerly private info).
^Instead it transmits a list of running processes (or other, formerly private info).
No it doesn’t. Attestation is simply a cryptographicly signed “we trust this user is human” message.
Based on what?
Based on the spec. The token is simply a signature that can be checked at the issuing party (Apple for this news item).