Protocol cleanup after security review #4

@jt55401

Description

Follow-up from the IETF and W3C security/spec reviews.

Decisions to encode in the specs:

  • Encoding: specify one canonical wire encoding: unpadded Base64. Producers must emit canonical unpadded Base64; verifiers should reject non-canonical signed attributes except in explicitly legacy tooling.
  • Origin binding: use the Web/URL origin model instead of inventing domain rules. Reference the relevant origin serialization rules and then update code to bind scheme, host, and port consistently.
  • Claims hashing: treat all direct child meta elements inside signed-section as claims and sign them all. Call out duplicate normalized names, malformed metadata, ordering, and whether this includes signed-at as separately bound or double-bound.
  • Directory API: keep the spec API normative and fix code to match it.
  • Endorsements: keep the structured endorsement format and fix code to match it.
  • Browser snapshot: define verification over server HTML before browser extensions or page scripts can mutate it. Prefer the original response snapshot; allow fallback re-request from the server, with stale/source-only semantics if rendered DOM later differs.
  • Text-only scope: start a signed attribute allowlist with href, src, alt, and aria-label; leave the exact list open for community feedback.
  • Network/CSP/privacy: add a provisional browser fetch/privacy model covering CORS, CSP, credentials, referrer, service workers, redirects, cache, user opt-in, and failure behavior.

Deliverables:

  • Update the IETF draft wire protocol text.
  • Update the W3C CG HTML/DOM integration text.
  • Update examples and open issues to reflect these decisions.
  • Add a clear implementation migration checklist for code repos.

Review artifacts: IETF_SPEC_REVIEW.md and W3C_SPEC_REVIEW.md in the spec repo.
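The first three decisions above (canonical unpadded Base64, URL-model origin binding, and claims hashing over the direct-child meta elements of the signed section) as one worked verifier-side example. This is added illustration code, not part of the issue, the drafts or the project's repos. It assumes the standard Base64 alphabet, that the signed section is the element with id `signed-section`, that claims are ordered by normalized name, and a length-prefixed SHA-256 framing; none of those choices or names come from the specs, and the open signed-at question is not decided here (signed-at is simply hashed as one claim among the others).

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlsplit

# 1. Canonical unpadded Base64. Standard alphabet assumed (swap in the
#    urlsafe_* functions if the wire encoding turns out to be base64url).
B64_ALPHABET = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/")

def decode_canonical_base64(text: str) -> bytes:
    """Decode unpadded Base64, rejecting every non-canonical spelling so that
    exactly one string maps to each byte sequence (no signature re-spelling)."""
    if not text or not set(text) <= B64_ALPHABET:
        raise ValueError("empty, padded or non-alphabet Base64")
    if len(text) % 4 == 1:
        raise ValueError("impossible unpadded Base64 length")
    try:
        raw = base64.b64decode(text + "=" * (-len(text) % 4), validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("malformed Base64") from exc
    # The decoder ignores non-zero unused trailing bits, so "QUJ" decodes to
    # b"AB" exactly like the canonical "QUI"; a re-encode round trip catches it.
    if base64.b64encode(raw).rstrip(b"=").decode("ascii") != text:
        raise ValueError("non-canonical Base64 (trailing bits set)")
    return raw

# 2. Origin serialization per the URL Standard's (scheme, host, port) tuple.
DEFAULT_PORTS = {"http": 80, "https": 443, "ws": 80, "wss": 443, "ftp": 21}

def serialize_origin(url: str) -> str:
    """Serialized origin of a URL, or "null" for opaque origins (file:, data:)."""
    parts = urlsplit(url)
    scheme, host = parts.scheme.lower(), parts.hostname  # host lower-cased, userinfo dropped
    if scheme not in DEFAULT_PORTS or not host:
        return "null"
    if ":" in host:  # IPv6 literal: urlsplit strips the brackets
        host = f"[{host}]"
    port = parts.port  # raises ValueError when out of range
    if port is None or port == DEFAULT_PORTS[scheme]:
        return f"{scheme}://{host}"
    return f"{scheme}://{host}:{port}"

# 3. Claims: every <meta> that is a *direct* child of the signed section.
VOID_TAGS = {"area", "base", "br", "col", "embed", "hr", "img", "input",
             "link", "meta", "source", "track", "wbr"}
SIGNED_SECTION_ID = "signed-section"  # assumption: the container is located by id

class ClaimCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []    # open non-void ancestor tags
        self.depth = None  # stack depth of the section's children; -1 once it has closed
        self.claims = []   # (name, content) pairs in document order

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta":
            if len(self.stack) == self.depth:  # direct child only; nested meta is skipped
                self.claims.append((a.get("name"), a.get("content")))
            return
        if tag in VOID_TAGS:
            return
        self.stack.append(tag)
        if self.depth is None and a.get("id") == SIGNED_SECTION_ID:
            self.depth = len(self.stack)

    def handle_endtag(self, tag):
        if tag in self.stack:
            while self.stack.pop() != tag:
                pass
        if self.depth is not None and len(self.stack) < self.depth:
            self.depth = -1

def canonical_claims(html: str) -> list[tuple[str, str]]:
    """Normalize names, reject malformed and duplicate claims, fix an order."""
    p = ClaimCollector()
    p.feed(html)
    p.close()
    if p.depth is None:
        raise ValueError("no signed section found")
    seen: dict[str, str] = {}
    for name, content in p.claims:
        norm = (name or "").strip().lower()
        if not norm or content is None:
            raise ValueError("malformed claim: missing name or content")
        if norm in seen:
            raise ValueError(f"duplicate claim after normalization: {norm}")
        seen[norm] = content
    return sorted(seen.items())  # assumption: canonical order is by normalized name

def claims_digest(html: str) -> bytes:
    """SHA-256 over length-prefixed (name, content) fields; the framing is an assumption."""
    h = hashlib.sha256()
    for name, content in canonical_claims(html):
        for field in (name, content):
            data = field.encode("utf-8")
            h.update(len(data).to_bytes(4, "big") + data)
    return h.digest()

def is_rejected(fn, *args) -> bool:
    """True when the verifier-side check raises ValueError for this input."""
    try:
        fn(*args)
    except ValueError:
        return True
    return False

# Constructed sample page (not from the project); signed-at is hashed as one claim.
SAMPLE_HTML = """<html><body><section id="signed-section">
  <meta name="Author" content="A. Example">
  <meta name="signed-at" content="2024-01-01T00:00:00Z">
  <div><meta name="nested" content="not a direct child"></div>
  <meta name="subject" content="release notes">
</section></body></html>"""
```

The Base64 check rejects three distinct things a lenient decoder accepts: padding, impossible lengths, and non-zero trailing bits (the `QUJ`/`QUI` pair), which is what makes the signed attribute unambiguous rather than merely decodable. The origin function deliberately produces the same string for `HTTPS://User@Example.COM:443/x` and `https://example.com/`, and `null` for schemes with opaque origins, so the code binds exactly what the URL model calls the origin and nothing else. The claim collector counts open ancestors so a meta nested in a child element is not a claim, and the duplicate check runs after name normalization, which is where `Author`/`AUTHOR` collisions would otherwise let a second value ride along under one name.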
