|
|
|
|
|
|
by dm_
9 days ago
|
|
|
That's what https://verifiableintent.dev/ is for, right? Though I also think this is, in a sense, a poorly specified problem: without remote attestation (as with FIDO Security Keys), nothing prevents a human from connecting the "user presence" check to a software-triggered cryptographic key. And for a variety of privacy and open-web reasons, nobody wants to tie common web flows to remote attestation. So.... ¯\_(ツ)_/¯ |
|
|