by rdl
4415 days ago
I agree we need to move toward being able to build secure client apps in the browser. It's clearly "important", in that a lot of people want it, for meaningful and good reasons, and this is likely to continue. It's just not possible today. Signed extensions are a decent step today (although installing an extension is potentially about as heavy as installing a client app, depending on how locked down your environment is). CSP and some future extensions can be helpful. There's server-side stuff which can help, too. WebCrypto is a useful step. The problem is it's going to be a long process involving a lot of parts, controlled by different parties. So it's responsible to say "we're going to build a webapp which is as secure as we can make it today; these are the known vulnerabilities". Some users are in a good position to evaluate the risks, others aren't. I care a lot more about things doing what they say they're doing than what in particular they say they're doing. The scary thing is when the people building something don't seem to know the well-known vulnerabilities.