On 11/17/2013 03:02 PM, Mike Belshe wrote:

I see no reason why you would want unauthenticated web apps any more than you'd want unauthenticated native apps.
The billion instances of Javascript programs run across the web this morning seem to be contrary to your assumption :-)

Most of those, of course, were trivial little things that controlled the behavior of some user interface presentation element. They were carefully constrained by the browser environments that ran them so that they could not do harm.

Great effort has been put into making these things run quickly and with a minimum amount of web resources expended. These days, many web development environments minify javascript and carefully manage it to be cacheable.

Certainly a class of application that could permanently manipulate the state of the device running it would need to be signed. I've helped to manage the chain of custody for Debian. So, I'm not denying that this is sometimes necessary. Just not for a large class of trivial things.