Have you check on others approaching the same problem?

Yes, but they all have what ek calls "swiss cheese security models," ie they are vulnerable to sufficiently sophisticated attacks, which is not ideal to say the least.

there could be out there other alternatives?

We are investigating them, but doing this kind of thing breaks THE fundamental assumption of browser tech: the domain owner and the service available at the domain are one and the same (or at least fully trust each other).

Design

What creative ideas have you been rambling on?

deSign_r

> Have you check on others approaching the same problem?

Yes, but they all have what ek calls "swiss cheese security models," ie they are vulnerable to sufficiently sophisticated attacks, which is not ideal to say the least.

> there could be out there other alternatives?

We are investigating them, but doing this kind of thing breaks THE fundamental assumption of browser tech: the domain owner and the service available at the domain are one and the same (or at least fully trust each other).