What makes you think they're not separating content from client? Just because they're rendering the UI with the same technology they use to render the content, doesn't mean the UI and the content are all mixed up together with content able to influence the UI...

That's fine, as long as something replaces GTK2. Preferably something that actually plays well with configuration, like dark themes.

That's why they have rust and servo. Very strong sandboxing is an integral part of the design.
If you're interested follow the rust subreddit. It often has links to what's going on with servo. Just recently, last day or so, there was a post that spoke about initial rust integration into the Firefox build system (image decoder).

Also, consider that part of the Firefox is web APIs is the Browser Api. By writing interfaces in HTML you can take advantage of that api very readily.

Yes, and if the Servo browser is ready for prime time just one month earlier because they now spent some time to implement Firefox's UI in HTML, I'd say this project has been worthwhile.

Can someone explain how will this work with the toolkits (GTK,QT etc)? Will it just replicate the design?

Yeah, I'm curious about this, too. I mean, we already have these toolkits that render window frames and buttons and menus and all that. Why is it preferable to use HTML for this purpose?

Furthermore, if the Firefox's windowing stuff is all rewritten in HTML, what will render that?

None of which is relevant for Firefox even today. Gtk+ (on Linux, at least) is used for some internal rendering stuff, but it's not like it's used anywhere in the browser UI...the tabs along the top, the toolbar buttons... none of those things are Gtk+ widgets...

The same thing as today. All they're doing is replacing their existing XUL-based UI with an HTML-based one. It doesn't change anything about how pixels appear on the screen... it only changes how screens are coded.

Incidentally, keep in mind this isn't some major Mozilla project to replace the UI. It's a proof of concept with one or two developers behind it, an experiment to look at alternatives to the old XUL-based code that goes back fifteen years or more.

Firefox doesn't use the toolkits, so it won't work with them. This is just the idea of replacing the existing XUL renderer/interface with a HTML/CSS/Javascript renderer and interface. Mozilla's Firefox OS has an interesting aim - converge desktop and mobile apps to a common base of HTML/CSS/Javascript - and this is an extension of that. Everything in Firefox OS is HTML/CSS/Javascript, the launcher, the phone app, the camera app, etc. The hope is that standardised HTML/CSS/Javascript apps will replace a large amount of the existing Android/iOS/etc. apps and ease the pain of cross platform development. Native functionality (camera, GSM voice calls, etc.) is exposed through Javascript APIs and apps can run in a desktop web browser or embedded renderer.

The big question is whether the rendering and UI along with native JS (or cross-compiled asm.js style code) will be fast and responsive enough to replace native apps, and whether mobile developers will care enough to switch from native development. Google is pushing Java for application logic (with cross-compiling to Javascript and Objective C), and native UIs rather than HTML. Ximian is doing something similar with C#. Intel has its XDK cross platform HTML5 app runtime and tools. Many people have this idea of unified cross platform HTML/CSS/Javascript nirvana, though there aren't many Linux apps yet, or major apps on any platform for that matter - the most notable might be Youtube for the Playstation, which was written in AngularJS.

I don't know about iframes, but contexts in general are very secure. If they weren't, random website A in tab 1 could mess with your bank account open in tab 2. That's a well known security issue that browser vendors have worked to make sure cannot happen. (At least not without someone exploiting a security bug). There's no reason the browser UI wouldn't be in it's own secure context the same exact way - in fact, it'd likely be running in it's own process anyway since we're talking about a complete rewrite and they might as well bring in the electrolysis stuff at the same time.