On 11/18/14, 10:26 PM, Michaela Merz wrote:
First: We need signed script code.
For what it's worth, Gecko supported this for a while. See <http://www-archive.mozilla.org/projects/security/components/signed-scripts.html>. In practice, people didn't really use it, and it made the security model a _lot_ more complicated and hard to reason about, so the feature was dropped.
It would be good to understand how proposals along these lines differ from what's already been tried and failed.