(b) Stop stripping POSIX write access from files with READONLY. Rely on xattr to store that. (Or perhaps, stop stripping POSIX write access *if* we can store with xattr.) This is more correct in general, although it's an open question whether the difference will ever actually matter. It arguably loses something in terms of host integration, although I also wonder whether that matters. I feel like there was a discussion about this earlier, but I've forgotten what or where it was...
There are applications that depend on whether a file is marked read only or not, even if the underlying filesystem is (mounted) read-only. AkelPad for example checks if the configuration file is read-only or not. It will complain if the file is not marked read-only but the filesystem doesn't allow writes.
This would break if xattrs can't be stored while the filesystem itself is (mounted) read-only.
The short gist of it is that the read-only attribute should always be allowed to be changed or inspected, even on unix filesystems without xattrs. "stop stripping POSIX write access *if* we can store with xattr" should work.