@feld @gsderp there's no way they can enforce the integrity of a secure environment if they allow arbitrary plugins and extensions so they will have to be approved specific-use extensions. chrome and firefox have moved to an approved extension model so they have the mechanism in place already to do this. extensions are gatekept and subject to manpower limitations and stupidity, in approval in particular if your extension manifest includes functionality they know is a risk of compromising the environment eg anything that has network access to a remote resource. I feel like the answer is that their statement is deliberately misleading.