(Accurate) Snark aside, what is this thing and is it good?
1. Google's announcement webmasters.googleblog.com/2019/04/instan…
2. Google's explanation developers.google.com/web/updates/20…
3. Latest draft of the spec wicg.github.io/webpackage/dra…
4. Mozilla's position mozilla.github.io/standards-posi…
5. Google's privacy comments: blog.amp.dev/2018/07/23/pri…
Even if the connection to the intermediary is over TLS, there is a problem: the browser can only get guarantees it connected to the right intermediary.
It breaks many assumptions about how the web works. It breaks how the browsers' UIs and security signals currently work, the same ones we've been hammering into users to look for to establish trust in a website.
Google skipped all that. Naughty.