>>topshe+(OP)
I realise all the negative effects if this starts becoming a thing, but could someone explain how is it they propose to technically enforce this "signed browser binary" requirement? What's stopping me from writing my browser to submit false info? Any encryption keys or hashes present in the "certified" binaries can be extracted (the binary after all needs access to it to use it, right?).
The only way this has a slightest chance of working is in connection with trusted hardware. Microsoft has been trying hard to push tpm on everyone and failed. What makes them think they'll succeed?