[geofft]

In order to do that, you'd need a change on the website's server to load and embed a Google ad into the web bundle. But if you could do that, you could just make a change on the website's server to render a Google ad into a normal web page - it's a less complicated change, and it can be done right now without adding a new feature to every browser.

I also don't really follow the attack that Google is supposedly trying to protect itself from. Is it trying to track whether websites that have signed up for Google ads are actually serving those ads to users? (Why would they care about that? If ads aren't being served, websites aren't making money.) Is it trying to track whether ads are showing up on users' screens and not being blocked by an ad-blocker? (Then it doesn't make a difference if Google views a signed web bundle or injects a script to monitor the page, and again, they're already injecting a script.) If a Google script is blocked, isn't the answer to track it as "zero" - i.e., what's the problem with (potentially) more ads being shown than Google knows about?