> Google's plan is that, during a webpage transaction, the web server could require you to pass an "environment attestation" test before you get any data.
Sounds pretty sweet from a corp security perspective. Context Aware Access lets you do attestation at SSO time but baking device integrity further into the system would be helpful.
Unfortunately, this gives a lot of power to webpages. I'm not sure it's worth the tradeoff. This seems like something better handled by an extension, but I'll have to read the spec.
Sounds pretty sweet from a corp security perspective. Context Aware Access lets you do attestation at SSO time but baking device integrity further into the system would be helpful.
Unfortunately, this gives a lot of power to webpages. I'm not sure it's worth the tradeoff. This seems like something better handled by an extension, but I'll have to read the spec.