←back to thread

The web does not need gatekeepers: Cloudflare’s new “signed agents” pitch

(positiveblue.substack.com)
454 points positiveblue | 1 comments | 29 Aug 25 16:35 UTC | HN request time: 0.239s | source
Show context
JohnMakin ◴[29 Aug 25 20:31 UTC] No.45069058[source]
> The same is true online. A cryptographic signature that claims “I am acting on behalf of X” means nothing unless it is tied to something real, like a verifiable infrastructure or a range of IPs. Without that, I can simply hand the passport to another agent, and they can act as if they were me. The passport becomes nothing more than a token anyone can pass around.

how does this person think jwt’s work?

replies(1): >>45070271 #
1. positiveblue ◴[29 Aug 25 22:48 UTC] No.45070271[source]
Hi, "this person here" Cloudflare will block that request that has a jwt because "it does not come from a person".

What I was trying to say is that even the discussion "is this a bot 100% sure or not" makes no sense.