30.12.2014 05:11, carlo von lynX пишет: > It has been done. Web Crypto API is being deployed. It is a terrible > idea that Eleanor Saitta and I have heavily criticized in the > respective W3C mailing lists because there is no way on earth that > servers can be trusted to deliver the correct HTML and Javascript > such that end-to-end encryption will actually take place - therefore > it is giving false promises to users. There is no privacy gain > compared to using HTTPS and having the server handle the data > since users would never be able to tell when their trust is broken. >
This is a good explanation why javascript solutions don't do. Thanks.
