Update Trusted UI principle with Chromium's spoofing and clickjacking guidance #548

@jyasskin

Description

Chromium has a document of guidance for preserving trustworthy UI, much of which looks relevant to our Trusted UI principle. In particular:

  • Prefer negative security indicators to positive or neutral ones: that way there's less incentive to spoof them.
  • Avoid mixing trustworthy with untrustworthy content: so, usually, don't let sites provide explanation strings.
  • Browser UI that requires multiple clicks can be good for security: most of the clickjacking advice concerns browser UI that's outside the scope of web standards, but this part is another argument that choosers are better than yes/no decisions.

There may be other bits that I've missed on this read-through. If you see some, please point them out or send a PR. I'll try to send a PR for the above.
