We’ve had enough of digital monopolies and surveillance capitalism. We want an alternative world that works for everyone, just like the original intention of the web and net.
We seek a world of open platforms and protocols with real choices of applications and services for people. We care about privacy, transparency and autonomy. Our tools and organisations should fundamentally be accountable and resilient.
Reading your response and reading Askemos' docs, I'm inclined to say our projects solve fairly different problems. Let me step through the Mint.com example to hopefully clarify the differences.
Mint's application is hosted by remote servers which proxy to your bank's host servers. The details may have changed by now but, at one point, they asked for your username and password, then crawled your bank interface with an HTML-scraper. The issue with this system is, of course, data-containment: you give up your financial information to Mint in order to power the app.
In the runtime-extension architecture I'm suggesting, the banking site (let's say Citibank) behaves like a miniature OS. When a user goes to citibank.com, they'd use an in-site UI to load Mint.com's application into a Web Worker. Now contained on the client-side, Mint would be given readonly access to the financial information, and read/write access to a section of the DOM for rendering its UI, and no other privileges. This solves the data-containment issue.
The User-Agent behaviors and HTTP messaging handle the question of IPC between the Citibank page and the Mint worker. Typed links are used to export/discover the interfaces between those two threads.
I don't attempt to solve the need to trust Citibank's remote service, but I do offer a way to extend Citibank's software at runtime without compromising its integrity. Mint, in this case, is one such extension ("now with more graphs!"). What Web applications choose to make alterable is at their discretion, but, because integrity of the host page is always preserved, and because typed links can be used to do behavior- and security-reasoning, it should be safe for users to share extensions with each other (like they share pages now). Users, therefore, have the autonomy to develop and personalize Web applications without belonging to the host organization. Following our example, you don't have to be a Citibank dev to dev Citibank.
I'd need to research it more deeply, but I suspect that Askemos' protocols could be implemented in this extensions-architecture as a set of reltypes. It might be used to cluster multiple Worker scripts and remote services which all implement the same reltypes, but which are all written by different authors, in order to compare the integrity of their output. Does that sound correct?