I wish to serve a web application where only digitally signed code from a trusted source is allowed to execute for a given domain.
To me it seems like such an obvious step for browsers to work towards implementing this.
Yes it is probably very messy technically, perhaps bordering impossible. But the upside would be enormous in my view.
Anyone knows why this hasn't been done?
