If I and other chromium leads didn't actually care about openness then you'd be able to tell pretty clearly because Chromium would be closed source, we wouldn't have big programs like wpt.fyi, and we wouldn't bother even trying to talk about this stuff on open mailing lists.
> If I and other chromium leads didn't actually care about openness then you'd be able to tell pretty clearly because Chromium would be closed source, we wouldn't have big programs like wpt.fyi, and we wouldn't bother even trying to talk about this stuff on open mailing lists.
I do actually believe you care about this. I think your employer once cared; but now they fundamentally do not (as a whole; I'm aware that Googlers are not a monolith).
There are a lot of people shouting at you that this isn't what an "open web" means, and that it's directly counter to the "open web." I imagine that's a difficult thing to square: your own feelings about the open web, and this proposal. How do you make them fit?
One way, of course, is to label the people shouting as criminals. ;)
If you are feeling that tension like I suspect you are, then sit with it for awhile. Really examine your principles and try to decide if this proposal actually lines up with your values. If you find that you cannot actually align this proposal with your principles - then I urge you to do something about it. Kill the proposal from the inside. You'd stand a lot better chance of doing that than I, an outsider, would.
Hey. I know you’re well-meaning and the proposal isn’t meant to harm the web. But please, retract it.
WEI’s purpose is to block out bad traffic. The question isn’t whether all website owners will block non-attesting clients once this is rolled out. It’s whether any can. If they can, some will. The most promising way to address this are holdbacks. But they can’t work, because:
a) if 5% of pageloads fail, users will get used to it and adapt. When the load fails, they’ll reload. Holdbacks can’t reasonably disincentivize blocking non-attesting clients. Some websites really want to, and they will. They won’t care about losing 1-2% of visits.
b) Websites can just tell users how to bypass it: “Authentication failed. Try reloading, or switch to an authorized browser.”
c) Some governments (like the French) are already trying to legally mandate stuff roughly similar to WEI, though thankfully the methods they use are much milder than WEI. You’re opening Pandora’s box, just like Apple did with Communication Safety. Why couldn’t a government legally require all banks to block non-attesting clients? Then, this proposal will have enabled financial discrimination and de-banking, for something as benign as not being able to have an up-to-date browser on an “expired” Chromebook (outdated browsers would presumably fail attestation, and people with old laptops who can’t afford new ones shouldn’t be shut out of the economy).
Holdbacks can’t work. There’s no form WEI can take that wouldn’t cause what (I trust) you’re trying to avoid.
I think my point (c) is flawed: governments already have equivalents with finalized implementations, and will soon legally mandate them. That cat is out of the bag, and dropping WEI would have no effect. And these alternative methods proposed by governments are far worse for user privacy than WEI.
> If I and other chromium leads didn't actually care about openness then you'd be able to tell pretty clearly because Chromium would be closed source, we wouldn't have big programs like wpt.fyi, and we wouldn't bother even trying to talk about this stuff on open mailing lists.
That only helps if anyone believes you'll listen to anything on the mailing lists. Right now it looks like you publish things there so you can claim community input, and then go ahead with whatever you wanted to do in the first place.
On the other hand, it's uncannily similar to former FCC chairman Ajit Pai discarding public commentary as "fake" in favor of whatever the lobbyists shoved in front of him during the whole net neutrality thing a few years back.
As the expression goes: It is difficult to get someone to understand something when their salary depends upon them not understanding it.
With all due respect, WEI is antithetical to this value and goal.
The question is, will you hear people who don't agree that your proposal will result in an open web, or continue classifying many people who want an open, non-toll-gated web as criminals?
I do actually believe you care about this. I think your employer once cared; but now they fundamentally do not (as a whole; I'm aware that Googlers are not a monolith).
There are a lot of people shouting at you that this isn't what an "open web" means, and that it's directly counter to the "open web." I imagine that's a difficult thing to square: your own feelings about the open web, and this proposal. How do you make them fit?
One way, of course, is to label the people shouting as criminals. ;)
If you are feeling that tension like I suspect you are, then sit with it for awhile. Really examine your principles and try to decide if this proposal actually lines up with your values. If you find that you cannot actually align this proposal with your principles - then I urge you to do something about it. Kill the proposal from the inside. You'd stand a lot better chance of doing that than I, an outsider, would.