Jj Del Carpio

Jj's web stream

The way of better privacy in technology points towards clients having more responsibilities

E2EE protocols, require all the credential gymnastics to happen on the client.

Webauthn, BrowserID, and other ideas, relied on the browser controlling credentials as well.

Proposals like Turtledove also delegate ad displaying to the browser.

Which, seems like a good and easy principle to remember, when designing privacy first services, if the client is too lightweight, there's probably not enough privacy.

Of course, that will not solve your problem, the real question is how much knowledge is delegated to the services, and answering that is difficult in extremes like fingerprinting.

The sad part, is that it makes it difficult to leverage web technologies without growing new Browser APIs, or re implementing your own thing in JS from scratch.

Shared on:

Jj Avatar of Jj

Reply or react to this post via Webmentions or reply or like to the Mastodon, Twitter or Instagram post.