Summary

Sec-CH-UA-WoW64 hint (and associated JS API) is no longer relevant for modern web and is useful only for fingerprinting the User Agent. If implementer (User Agent) cares about user privacy, it should consider deprecating Sec-CH-UA-WoW64 (by freezing it to a fixed value and perhaps eventually removing it).

Background

Sec-CH-UA-WoW64 is (per §3) a "boolean indicating if the user agent's binary is running in 32-bit mode on 64-bit Windows". It largely overlaps with Sec-CH-UA-Platform (which reports platforms, e.g. Windows) and Sec-CH-UA-Bitness (which reports CPU architecture, either 32 or 64-bit). The latter two reveal all relevant information about the underlying system while WoW64 hint reports only information about the User Agent.

Use case 1: Selection of appropriate native installer (for the underlying OS)

§ 1.2.5. ("Download of appropriate binary executables") mentions web page content adaptation to propose a system-specific native software installer (to be used outside of browser). As noted in the section, this use case requires only Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, and Sec-CH-UA-Bitness because they contain complete information about the OS. Using Sec-CH-UA-WoW64 would actually be misleading for this use.

Use case 2: Selection of appropriate NPAPI plugin (for the User Agent)

The motivation for the hint is described in the explainer:

[WoW64 hint] was commonly used to know which NPAPI plugin installer should be offered for download. It's included here for backwards compatibility considerations...

NPAPI was an early browser plugin API developed back in 90-s for Netscape Navigator and later implemented, extended, adapted by Internet Explorer, Mozilla Firefox, and Chromium. The NPAPI system was removed from Chromium 45 released in September 2015 (as per Chromium Blog, Chrome Platform Status). The modern alternatives (e.g., WebAssembly) do not require any separate installers and thus do not need WoW64 hint.

Proposal

§3 already permits User Agents to return false (or any fictitious boolean value) for WoW64 hint:

User agents MAY return ... false for hints of type sf-boolean, or any other fictitious value, for privacy, compatibility, or other reasons, given a request for ... wow64-ness...

I propose changing the specification §3 to recommend or require that wow64-ness is always reported as "false" (?0), even when User Agent runs in WoW64 mode. Specifically, replace the following:

wow64-ness - A boolean indicating if the user agent’s binary is running in 32-bit mode on 64-bit Windows. (e.g., ?0 or ?1)

with the following:

wow64-ness - A constant boolean representing "false" (serialized as ?0).

And similarly update all other references to the hint.