Cool but there is a lot more that can be done to improve a browser privacy by fighting fingerprinting. I.e. provide standardized sets of data about the host system via JS APIs: only list a standard set of fonts (+ those a user consciously chooses to expose), a most common display resolution that is less or equal to the real display resolution of the machine, obfuscate canvas/webgl/cache response time etc.
Extensions API should also get optimized in a way so privacy-enchancing extensions (like Ghostery, Adblock Plus and NoScript) would work faster.
And there is a favourite extension of mine called "self destroying cookies" that currently is blocked for sending user data to remote servers unnecessarily, and potential for remote code execution - I believe it's actual functionality (not sending user data to remote servers but what it is meant for - one-click whitelisting particular domains and only keeping cookies for these while deleting cookies for others as you close them) should be built into the browser.
I happen to also work on Firefox/Tor Browser's anti-fingerprinting work, so yea - we're trying to make improvements there too =)
Containers is a big Firefox feature (exposed through an Add-On) in this category too.
As far as Web Extension APIs, I don't know much about that, but if you have an API that would enable a use case that Mozilla doesn't have a bug on and haven't considered; you are welcome to file a bug explaining what you would like and what you would use it for, and the Web Extension team will consider it.
Thanks. Great to read you work on anti-fingerprinting, I'd name this among the most important subjects today.
I don't code privacy enhancing extensions myself (that feels like "inventing my own crypto" for me - not enough competence to be sure I won't make it worse actually), I've just noticed Firefox becomes significantly more slow when I enable them so I guess there probably are some sorts of bottlenecks in the Web Extension APIs (or maybe not really).
Extensions API should also get optimized in a way so privacy-enchancing extensions (like Ghostery, Adblock Plus and NoScript) would work faster.
And there is a favourite extension of mine called "self destroying cookies" that currently is blocked for sending user data to remote servers unnecessarily, and potential for remote code execution - I believe it's actual functionality (not sending user data to remote servers but what it is meant for - one-click whitelisting particular domains and only keeping cookies for these while deleting cookies for others as you close them) should be built into the browser.