When the web exploded, it invalidated Windows 95's security model.

The security model had been "good enough" before the web.

But after the web, the only viable approach was a microkernel.

No level of patching atop a monolithic kernel could make it safe.

Perhaps we've crossed the same threshold for security architecture of networked software?

What will the "microkernel" of networked software look like?