Move this into a separate privileged process for corporate environments requiring attestation

[dmarti]

In the cases where the administrators of a web application do require control of the client (such as a desktop PC at a bank) they could, and do, deploy software that runs with elevated privilege to monitor not only the browser, but also the presence or absence of other software on the system.

Widely deployed browser attestation has a variety of competition and human rights problems that have been covered in other issues. Consider modifying this proposal to split its functionality into a monitoring tool, separate from the browser, that could be run with elevated privileges in corporate environments. That would avoid the problem of deploying attestation into both appropriate (same organization administers both the client system and the server) and inappropriate contexts.