On Tue, Jul 29, 2014 at 6:53 AM, Lodewijk andré de la porte <[email protected]> wrote: > > JavaScript cryptography is possible, there are usecases, and it is > *definitely* *not *"considered harmful" by default. >
By default you aren't using HTTPS, HSTS, and CSP. Without these things, doing cryptography in a web page is most definitely harmful and insecure. -- Tony Arcieri
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
