like if I want my computer to lie to a server then it should always be possible with no downsides. i dont care about why you think that for Security Reasons companies should be allowed to make that impossible.

@halcy The only situation where device attestation makes sense is with employer provided devices IMO.

@halcy validating the integrity of a device is fine and has multiple benefits as explained here when using the open Hardware Attestation API for an OS and device pair to verify themselves. The bit that shouldn't exist is app distributors using it to enforce locked and closed market protection systems. Individual app developers can and should have already self regulated by using the existing open standard if they needed it, not adbicating responsibility to a centralised mechanism.