Hacker News new | past | comments | ask | show | jobs | submit login

I'm the person who posted the tweet. Since then, some of my colleagues from the WebKit team have given more specific security feedback. Some of it has been addressed. And the Security Considerations section is less scary. But even so, I'd say we are pretty uncomfortable with this approach, for similar reasons to Mozilla. We can see some advantages to Google re-serving the whole web from their own servers and getting browsers to present it as if it comes from the origin, but it also seems like a worrisome change to the web security model.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact