Today I had lunch with Peter Nixey of Web Kitchen. We talked about all sorts of interesting topics, including his recent blog posting, Why XHR Should Become Opt-In Cross Domain. This posting was written in a very interesting style and compares cross-domain scripting permissions to ordering beer in a pub. Peter explains the problem, the issues, and proposes some intriguing solutions. He's obviously given it a lot of thought and has shared his thinking in the piece. It is a must-read if you think that you are building mashups or think of yourself as a competent "web 2.0" style developer.
I would be very interested in getting your feedback on this post -- is this a problem that we need to address, do you agree with his solution, would it work for you, and so forth? Reply to his post, and I'll check in to see what you have to say.