On Fri, Jun 7, 2013 at 7:59 PM, Steve Weis <[email protected]> wrote:
>
> I'd like to reiterate the importance of code delivery. I've seen a
> couple dozen of attempts to do crypto via server-hosted Javascript.
> All of these reduced to trusting whomever is serving the code. This
> issues have been covered many times, most prominently by Matasano
> Security: http://www.matasano.com/articles/javascript-cryptography/

Hello everyone:

This is what I call the server in the middle problem. I actually did
my final career project about this [1]. Basically, we need the
equivalent of SSL in the sense of standarization for end-to-end web
security, or this problem will get worse and worse.

Regards,
--
[1] 
http://edulix.wordpress.com/2012/01/08/the-server-in-the-middle-problem-and-solution/

--
Eduardo
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at [email protected] or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Reply via email to