- From: Reilly Grant <notifications@github.com>
- Date: Tue, 27 Feb 2024 11:33:18 -0800
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 27 February 2024 19:33:22 UTC
Thank you @plinss and @martinthomson for the discussion last week. I think where we landed in the discussion is that the particular problem Google is trying to solve with this proposal is having an environment where APIs like Direct Sockets could be enabled. Another example I gave was [remote desktop support in WebAuthn](https://chromestatus.com/feature/5153848187420672). We believe that IWAs solve this problem by providing a way to reason about the content of an application which then enables auditing and other controls which are not possible for sites loaded from live servers. I think this is also relevant for other apps with high security requirements, such as end-to-end messaging. Martin expressed some particular concerns with the signature mechanism which I think we can resolve once we have agreement on the high-level goals. -- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/842#issuecomment-1967456416 You are receiving this because you are subscribed to this thread. Message ID: <w3ctag/design-reviews/issues/842/1967456416@github.com>
Received on Tuesday, 27 February 2024 19:33:22 UTC