Clarify the first paragraph of the proposed solution
State explicitly why this is more secure.
reillyeon authored Apr 18, 2022
1 parent 2c0a835 commit da2034b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -17,7 +17,7 @@ This proposal should _not_ be considered a desirable model for most web-based ap

## Proposed Solution

The first component of this proposed solution is to decouple the integrity of the site resources from the integrity of the host serving them. Web Bundles (combined with [Signed HTTP Exchanges](https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html)) propose a way of packaging HTTP responses in a way that allows an untrusted third party to distribute them on behalf of the original server. Isolated Web Apps take this in a different direction by creating an entirely new origin for content served from these bundles.
The core of this proposal is making application updates explicit. Unlike TLS keys, which have to be available online to establish new connections, the key used to sign the Web Bundle can be kept securely offline and is used infrequently. The channel through which updates are distributed creates another point where the new resources can be checked for potentially malicious content. This is different from bundling [Signed HTTP Exchanges](https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html) because we don’t intend to create a verifiable mirror of a subset of a site’s resources, but a holistically verifiable version of an entire application. For this reason Isolated Web Apps should use a new origin for content served from these bundles.

The reason for this is both practical and philosophical. If the identity of the site were still based on a DNS name, then it would still be vulnerable to a temporary loss of control over that domain or the infrastructure used to validate ownership of the domain. Philosophically, we also want to avoid building an alternative to certificate authorities which shares the same namespace. Isolated Web Apps therefore use a new scheme (tentatively, `isolated-app://`) where the authority section of the URL is a hash of the public key used to sign the Web Bundle containing the application resources.
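Review bot: the added paragraph says the signing key "can be kept securely offline and is used infrequently" but does not say what happens if that key is lost or compromised; since the following paragraph makes the origin a hash of that public key, loss or compromise means losing the application's identity rather than rotating a certificate, so a sentence stating that key rotation and revocation are addressed elsewhere (or are out of scope here) would keep the "why this is more secure" claim from the commit message honest. The removed line's opening sentence, "decouple the integrity of the site resources from the integrity of the host serving them", was the clearest statement of the threat model and has no replacement in the new text; consider keeping it as the lead, e.g. "The core of this proposal is decoupling the integrity of the application from the integrity of the host serving it by making application updates explicit." Finally, "creates another point where the new resources can be checked for potentially malicious content" leaves open who performs that check (the user, the browser, or the operator of the distribution channel); naming the party would make the security argument concrete.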

