> <i>When the browser loads this Signed Exchange, it can safely show the publisher’s URL in the address bar because the signature in the exchange is sufficient proof that the content originally came from the publisher’s origin.</i><p>I disagree - there important differences:<p>- the original server will not see your download request. This will skew their logs/statistics.<p>- someone else (i.e. Google) will see what you are downloading instead. It's a privacy issue. No wonder Google likes this. They want to know what everything is accessing on the internet. That's why they also run those oh-so convenient DNS servers.<p>It looks as if Signed HTTP Exchanges are opt-in at the moment. Whether or not your want a CDN in front of your website must be the site owners' decision, not Google's.
If I'm reading this right, does this mean that current Google AMP powered pages will now be able to impersonate the url of the original publisher site in Chrome provided the publisher performs a key exchange?