This strikes me as a sizeable assumption. NK
On Saturday, 31 March, 2012 at 5:28 PM, [email protected] wrote: > > And javascript controls how it is used. Modify or add some JS and you can > take the key. > > > > 2012-03-31 22:56 skrev James A. Donald: > On 2012-04-01 6:17 AM, [email protected] (mailto:[email protected]) > wrote: > > There are two issues IMHO: > > > > * SSL flaws/Javascript MITM/bad servers. Your key can be leaked. > > According to the spec, your key remains on your browser. > > So cannot be leaked unless your computer has been got at. > _______________________________________________ > cryptography mailing list > [email protected] (mailto:[email protected]) > http://lists.randombit.net/mailman/listinfo/cryptography > > > _______________________________________________ > cryptography mailing list > [email protected] (mailto:[email protected]) > http://lists.randombit.net/mailman/listinfo/cryptography > >
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
