> Have you check on others approaching the same problem?

Yes, but they all have what ek calls "swiss cheese security models," ie they are vulnerable to sufficiently sophisticated attacks, which is not ideal to say the least.

> there could be out there other alternatives?

We are investigating them, but doing this kind of thing breaks THE fundamental assumption of browser tech: the domain owner and the service available at the domain are one and the same (or at least fully trust each other).

k00b

Design

What creative ideas have you been rambling on?

deSign_r

That's a really specific and biggie one! Have you check on others approaching the same problem? Are domain pointed at your service the only option, or there could be out there other alternatives?