if you don't think having a key isolated in a separate process without networking is much better than having it floating around in the safari's memory space, I can't help you. ideally key stored in: hw device > sandboxed process > browser plugin > webpage saying I'm misrepresenting the problem is just not true, this is an obvious improvement short of hw device signing. I guess it just comes down to how much you trust browser engineers to not fuck things up.