I want to see native support for content-level cryptographic signatures in browsers. I also want it to be able to use a local GPG keyring, so I can validate against my chosen web of trust. JavaScript programs are just that---programs. When I use my package manager, or when I download a package online, I have a signature to verify against---either automatically (former) or manually (latter); HTTPS does not solve that.
This is different from the CA system, which verifies the _server_, not the content being served. A compromised server or successful MitM allows an attacker to modify data undetected.
This is also different from subresource integrity---it's a step in the right direction, but that only helps with third-party resources being loaded, and it doesn't at all help with cryptographic signatures.
Having signatures also helps with the case of programs constantly being updated outside the users' control. JavaScript programs are almost always ephemeral---they load with a webpage, and disappear when you leave, barring certain caching. "Updates" aren't really updates---you are re-downloading the program every time. So, hashes will change, and without cryptographic signatures, you can't be sure whether the new hash should even be trusted.
As a separate benefit, this support would also be useful for authentication online and asserting one's identity on e.g. social media, especially decentralized/federated services.