It just shows that Microsoft doesn't take the hard approach of FOSS fanatics but uses what suits the purpose best.
Most open source projects run on windows. Linux usually comes first, but 90% of the time there is a windows port. What % of Microsoft apps run on something other then windows? It looks to me that the "FOSS fanatics" are very good about allowing people to pick what suits them the best while Microsoft isn't.
most developers want to get out of the hell produced by these kinds frameworks.
Sadly not the ones I work with. We sent a developer to asp.net training and he came back saying he was being left behind. He was talking about how silverlight was the future. The trainer brain washed him good.
1. Prevent MITM attacks. Query several notaries and make sure that they fetch and deliver the same certificate you got. OK, I'll buy this. But:
How do you know your talking to the notaries and not the MITM pretending to be the site you want and the notaries? Maybe we should have notaries to check the notaries. But then how do you prevent those notaries from... we'll do it once more and everything will be ok. If the MITM controls the router/DNS/firewall/network/proxy/etc you used to access the internet the MITM might be the only one you can talk to. You could distribute the notaries certs with the browser so that they can't be MITMed... aka SSL.
I have a theory that it's impossible to prove anything, but I can't prove it.