subtract-smiles

Recently, Google announced their new proposal for Web Environment Integrity in which "trusted" organizations may attest to the validity of a web request.

Now I'm not a cryptography expert by any means, but the more I read about it the more I feel like it is very similar to PGP's key-signing concept whereby individuals can attest to the trustworthiness of a PGP key by staking their own trustworthiness on-top of it which also carries the trustworthiness of those who signed their key, and so on.

In the end, wouldn't it be better to implement a similar system (if it must be implement at all) whereby the browser or OS signs the user's key and any other company or individual who has signed that OS or browser can attest to the trustworthiness of that browser?

Again, I don't have a full understanding of any of these concepts so if this is a dumb idea please tell me.

I'm going to be running a class teaching programming from scratch soon, and I want to make sure I don't confuse my students more than I teach them.

If you have any topics or concepts that made programming a lot easier for you to learn that I could make sure to mention in my class would be helpful.

With so many 'sub genres' in programming (machine learning, networking, frontend, etc.), what's your favorite one? For me, I really like sockets/TCP type programming in Rust and C but I'm curious what people like to code in free time.