Ok, so I think below are the only parts of your reply relevant to the "force every website to implement it" idea:
> Client attestation also prevents bots(both good & bad bots of all types including new search indexing bots) from accessing websites. This has a nice side-effect for Google that it restricts building a new search engine(a competitor) without its blessing. Search is a gateway to Google's advertising.
Um, no. Let's imagine a world where Chrome starts warning about "websites that don't support WEI". What does that actually mean? At most it'd mean warning about websites that don't request an attestation. It cannot possibly be a warning about how the website uses the attestation, or whether it even uses it. So in this world where you imagine that Google Search can attest that a request is coming from their crawler, and every site in the world has been strongarmed into requesting an attestation by the mustache-twirling villains at Chrome, nothing about crawlability by smaller search engines has changed. Other search engines can provide their own attestations, and the sites can choose whether to trust them. Websites can choose to ignore the attestations entirely.
> Like any product that any company introduces, it is to drive adoption? The more websites use it, the more normalized and legitimate WEI becomes.
Normalized and legitimate in whose view? Why do they need that legitimacy? It's normally an invisible feature to the users. If it ships in Chrome and is available for Google to use for protecting their own properties against abuse, that's all they really need. They want to make the mechanism available for other sites and other browsers, but not because that third-party adoption is particularly important.
The reality is, anyone with an anti-abuse problem will be delighted to have this signal available, especially as the browser fingerprinting surface will keep shrinking over the next few years. There will be no need to coerce sites to use the API.
It's just a really stupid idea. High visiblity, absurdily high risk of a backlash (having it be a security warning would be obviously untrue), and all for literally no rewards. I will happily take a bet at 100:1 odds that this prediction will not become true. It will not happen by 2027 like the author thinks. It will not happen by 2033. And if that's really the most realistic threat to digital freedom that you can envision, we're in a pretty good shape.
> Client attestation also prevents bots(both good & bad bots of all types including new search indexing bots) from accessing websites. This has a nice side-effect for Google that it restricts building a new search engine(a competitor) without its blessing. Search is a gateway to Google's advertising.
Um, no. Let's imagine a world where Chrome starts warning about "websites that don't support WEI". What does that actually mean? At most it'd mean warning about websites that don't request an attestation. It cannot possibly be a warning about how the website uses the attestation, or whether it even uses it. So in this world where you imagine that Google Search can attest that a request is coming from their crawler, and every site in the world has been strongarmed into requesting an attestation by the mustache-twirling villains at Chrome, nothing about crawlability by smaller search engines has changed. Other search engines can provide their own attestations, and the sites can choose whether to trust them. Websites can choose to ignore the attestations entirely.
> Like any product that any company introduces, it is to drive adoption? The more websites use it, the more normalized and legitimate WEI becomes.
Normalized and legitimate in whose view? Why do they need that legitimacy? It's normally an invisible feature to the users. If it ships in Chrome and is available for Google to use for protecting their own properties against abuse, that's all they really need. They want to make the mechanism available for other sites and other browsers, but not because that third-party adoption is particularly important.
The reality is, anyone with an anti-abuse problem will be delighted to have this signal available, especially as the browser fingerprinting surface will keep shrinking over the next few years. There will be no need to coerce sites to use the API.
It's just a really stupid idea. High visiblity, absurdily high risk of a backlash (having it be a security warning would be obviously untrue), and all for literally no rewards. I will happily take a bet at 100:1 odds that this prediction will not become true. It will not happen by 2027 like the author thinks. It will not happen by 2033. And if that's really the most realistic threat to digital freedom that you can envision, we're in a pretty good shape.