Request for Mozilla Position on an Emerging Web Specification Specification Title: Web Environment Integrity API Specification or proposal URL (if available): https://rupertbenwiser.github.io/Web-E...
Just for clarification. Can someone just not write an extension where if you are visiting a google service it will just lie in the http request that you are using chrome or is does the DRM also stop that with keys and hashes?
pretty much yes to keys and hashes. Just think HDCP and HDMI
That said, I imagine it’ll have to be easier to hack software that isn’t embedded in hardware. but it’s also easier to issue revocation lists when you don’t have to worry about bricking everyone’s hardware. So I have no idea which way that balance tilts.
Just for clarification. Can someone just not write an extension where if you are visiting a google service it will just lie in the http request that you are using chrome or is does the DRM also stop that with keys and hashes?
pretty much yes to keys and hashes. Just think HDCP and HDMI
That said, I imagine it’ll have to be easier to hack software that isn’t embedded in hardware. but it’s also easier to issue revocation lists when you don’t have to worry about bricking everyone’s hardware. So I have no idea which way that balance tilts.
Very much the latter.