This is far from practical yet, but I'll go ahead and assign this to myself. It can track stuff like routing up the signature algorithm in DevTools and whatnot.

But right now work is primarily external to Chromium in the form of identifying problematic vendors.