[webkit-dev] DOMCrypt
Christoph Martens
cmartens at zynga.com
Wed Jul 27 00:59:22 PDT 2011
Hey Adam,
I thought it might make sense to let the user specify a private key file
(e.g. an RSA-key) that is in the browsers KeyChain.
Would that make sense to have it implemented in the DOMCryptAPI?
Otherwise I can't see many use cases, because I think encryption on a high
OSI layer just doesn't make sense for me.
If someone is able to sniff SSL/TLS encrypted packages due to nulling he
will also be able to collect enough generated data to see how the hashing
on the Browser-side works and which one will be the next hash generated -
thanks to cuda and ati stream.
But that's just my personal opinion on that.
Greets from Germany,
Chris
__________________________
Christoph Martens
JavaScript Engineer, Zynga Germany
Freetime Cyanogen developer, kernel.org core dev and Metasploit hacker
Zynga Game Germany GmbH
An der Welle 4
60322 Frankfurt, Germany
cmartens at zynga.com
On 7/27/11 7:53 AM, "Adam Barth" <abarth at webkit.org> wrote:
>Hi webkit-dev,
>
>As some of you are probably aware, Mozilla is experimenting with
>exposing some basic cryptographic primitives to web applications:
>
>https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest
>
>I wanted to get a sense from the WebKit community about how interested
>we are in implementing this feature. My sense is that this API is
>fairly early in it's lifecycle, so one perspective is that we should
>wait for Mozilla to experiment for a bit longer and revisit this
>question once the design is further along (e.g., submitted to the W3C
>standards process).
>
>Another perspective is that there are some simple parts of the API
>that we should implement now, and we can grow into the more involved
>parts of the API as they mature. For example, the CryptoHash
>interface can be implemented independently of the rest of the API and
>provides value by itself.
>
>Thoughts?
>
>Adam
>_______________________________________________
>webkit-dev mailing list
>webkit-dev at lists.webkit.org
>http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
More information about the webkit-dev
mailing list