> It has the advantage of not relying on the Certificate Authority system
I wouldn't say it's an advantage, while CA system has many flaws at least it's monitored somehow (for example via Certificate Transparency) while putting keys in DNS would require the app to validate records (does GnuPG do that?), not to mention the queries are not encrypted (so are visible to any hop) and could be transparently replaced by your government or TLD operator. Many DNS providers do not allow adding "exotic" records.
Actually CSP can also block content modifications by extensions. I frequently get CSP reports from browsers using plugins that want to insert something on my site. Some time ago I also got CSP reports that indicated the AdBlocker couldn't touch the site too...
> I was only able to get the situation sorted because I know people who work at Google on the Chrome team.
Hehe, one thing all successfully resolved issues have in common - a friend inside of Google. Maybe that's by design... Google employees are not friends with bad guys!
> put my own domain-specific CA Cert in DNS directly.
Remember that this allows any of your government or people controlling the zone to transparently put the cert there too. (For potential problems see [0]).
With the CA system (that I personally also don't like) at least the certs are logged in Certificate Transparency logs so you see any potential attacks.
> I recently sold an XPS 13, an i7 9543 model from 2015, which was the first laptop in a long time that I regretted buying.
I've got 9350 and it's also bad. Coil whine, one firmware update completely bricked it (fortunately was on warranty), "fun" with accessories (TB15 was a disaster). Would not recommend.
Actually it's only the NBD warranty that keeps me with Dell (used that and it's very convenient). Does Microsoft have something like that?
I have to agree, Google gives new meaning to "open source". Open source as "we share some source but the actual meat is in closed proprietary codebase that you cannot inspect". I still remember the AOSP maintainer (Google employee) leaving because he couldn't do his work properly because of Google's politics w.r.t. Android.
Or was that the open source that RMS warned us about?
I agree with this suggestion. It took me a year to slowly absorb the entire book of Statistics [0] including solving all exercises. It's just like walking to school but there is no external supervision. I made a rule to complete one chapter every evening including exercises and sticked to it.
So if I understand it correctly the client-to-server API is simple but servers internally build a Git-like structure? Interesting design, I think I'll read the specs for how history is stored.