Don't.

[OrionMoonclaw]

Sometimes you have to ask the question whether something should be done at all, and trusted computing is certainly one of those cases where the answer is obviously a big fat NO.

So please reconsider what you believe in, leave this demon to history where it forever belongs.

[selfawaresoup]

This is DRM infrastructure for websites and fundamentally counter to an open web.

So yeah, don’t.

[warriordog]

100% agree. This proposal offers far too many opportunities for abuse. The authors have clearly tried to mitigate this, but their measures are insufficient and always will be, because the underlying idea is flawed. Lets leave this one in the past - it will only ever cause more harm than good.

[jfmcbrayer]

Almost every reasonable use case of this proposal is something that makes the web worse for users. It opens another front in the War On General Computation, and continues the trend of web browsers ceasing to be user-agents, and becoming the property of the website owners. It's a straight-up attack on the open web.

[tanepiper]

I would add myself to the points above, this is not a good idea and opens up so much potential abuse, and shutting out of marginalised groups who may not be able to use the latest version of a program.

The world is also dividing along ideological lines that could see this used to perpetrate a shutdown of information to a select few.

tl;dr Don't

Please just withdraw this horrible idea.
"Web Environment Integrity" is when you, as developers, show integrity and dump this.

[kleinesfilmroellchen]

Have you lost your fucking minds? DRM never was and never will be a good idea. Just stop.

[mokrates]

No. Either no one else than you can build browser engines anymore, or this won't work anyways.
This is against OpenSource. How would my homebrew-browser be forced to be honest?

[PeterCxy]

The entire premise of this proposal is completely flawed. To quote the authors,

Users often depend on websites trusting the client environment they run in.

If the security of your web service depends on a specific client environment, your web service is designed wrong. Period. If something is security-critical, you should not ever delegate that computation to client side and you should not ever blindly trust any client-side input, even if you can attest to any digital signature from the client. Are you sure you are going to be able to maintain an up-to-date list of all the vulnerabilities of all "trusted" clients? And how are you going to mitigate all of them in time? Even with Android, a lot of known vulnerable devices are still "trusted" under SafetyNet / Play Integrity. The only way for any service to be secure is to not trust client input blindly.

This trust may assume that the client environment is honest about certain aspects of itself, keeps user data and intellectual property secure, and is transparent about whether or not a human is using it.

Your proposal has exactly nothing to do with whether a human user is interacting with the device. All you can ever do is attest to the fact that the client uses software with a signature trusted by the server. An automated program does not have to actually execute within this environment -- it can be a device outside of the control of the client-side operating system entirely. Are you then going to authenticate all peripherals connected to the device?

This trust is the backbone of the open internet, critical for the safety of user data and for the sustainability of the website’s business.

Let's make this very clear: the backbone of the open internet is the fact that any client from any vendor can access any website, as long as they implement all the open standards a given website / application depends on. By giving the ability to exclude certain vendors and users to operators of a website, you are destroying the open internet, not the other way around.

[tezoatlipoca]

^^ what they said. There is no compelling argument for any of this other than "policing the content/services I provide on the internet WITH humans, in order to maintain a productive service FOR humans, is expensive and I don't wanna; so lets add more complexity to an already complicated and impossible to understand/maintain tech stack and add even more hurdles a user has to go through rather than just sending a browser to a URL.."

Plus if you add yet another thing I have to 2FA just to read the instructions on how to repair my dishwasher, I may start to get nasty.

[tomoyoirl]

Hello! I'm hoping to help with potential workarounds, in case this issue is closed without action.

In the United States it might be possible to request a workaround through the involvement of the United States Department of Justice Antitrust Citizen Complaint Center at https://www.justice.gov/atr/citizen-complaint-center — as observers have noted, if we end up with website DRM everywhere and whitelisted entries for browsers like Chrome and agents like Googlebot, the net effects will be radically anti-competitive.

Please remember:

When contacting the Antitrust Division about a possible antitrust violation or potential anticompetitive activity, please provide as much of the following information as possible:

• The names of the companies, individuals, or organizations involved
• How do you believe they have violated the federal antitrust laws? (For details on federal antitrust laws, see Antitrust Laws and You.)
• Examples of, or details about, the conduct that you believe violates the antitrust laws
• The product or service affected by the conduct, including where the product is manufactured or sold or where is the service is provided
• The major competitors that sell the product or provide the service
• Your role in the situation
• Who is being affected and how they are being affected

You may submit your concern by e-mail, regular mail, or phone.

By email to antitrust.complaints@usdoj.gov.

By postal mail to:
Citizen Complaint Center
Antitrust Division
950 Pennsylvania Ave., NW
Room 3322
Washington, DC 20530

By phone at 1-888-647-3258 (toll free in the U.S. and Canada) or 202-307-2040.

In the European Union you want the DG Competition:

If you are directly affected by the practice which you suspect restricts competition and are able to provide specific information, you may want to lodge a formal complaint, which must fulfil certain requirements. The complaint form (“Form C”) is available on the Commission Regulation (EC) No 773/2004 of 7 April 2004 relating to the conduct of proceedings by the Commission pursuant to Articles 81 and 82 of the EC Treaty [1]. Official Journal L 123, 27.04.2004, p.18-24 (see the form on the last page “Annex”).

Information on how the Commission handles complaints is available on the Commission Notice on the handling of complaints by the Commission under Articles 81 and 82 of the EC Treaty (Articles 101 and 102 TFEU) (Official Journal C 115, 9.5.2008, p. 88–89).

You can provide information on a specific market where you may have concerns regarding compliance with EU competition rules by e-mail to comp-market-information@ec.europa.eu. Please indicate your name and address, identify the firms and products concerned and describe the practice you have observed. This will help the Commission to detect problems in the market and be the starting point for an investigation. We invite you to read our e-services privacy policybefore contacting us. You can also send your complaint by post:
You can also send your complaint by post:

European Commission
Competition DG
B - 1049 Bruxelles

If the situation you have encountered is limited to one country or area, or involves no more than three EU Member States you may want to contact a national competition authority. The competition authorities of all EU Member States now apply the same competition rules as the European Commission and very often they are well placed to deal with your problem. If you think that a larger number of Member States are concerned, you may primarily chose to contact the European Commission. If you are not sure about the scope of the problem, do not hesitate to contact either the European Commission or the national competition authority because the authorities cooperate among them and will allocate the case as appropriate.

[Wack0]

"so preoccupied with whether they could, they didn't stop to think if they should"

[adryzz]

how about no

TEEs in our phones to attest bootloader lock and SafetyNet (yes it's now Play Integrity) are already way too much

[Codel1417]

When most ads are malware and most sites are not accessible out of the box, including Google sites, how will this API improve the browsing experience for real users?

If your service trusts the client, you have failed as a developer

[a1batross]

Authors: Google, Google, Google and Google

Maybe Google should play in it's sandbox rather than defining what Internet is?