But other code from the same origin might not be signed, which could
break the security assertion of code signing.

The unit of signing should be the same as the unit of isolation, i.e.
the origin. Or, the origin should be expanded to include a 4th
element, the signing key(s). I don't know how to achieve that in a way
that does not bring with it the operational risks (bricking) of HPKP
and TACK.

Reply via email to