On Fri, Jun 7, 2013 at 7:59 PM, Steve Weis <[email protected]> wrote: > > I'd like to reiterate the importance of code delivery. I've seen a > couple dozen of attempts to do crypto via server-hosted Javascript. > All of these reduced to trusting whomever is serving the code. This > issues have been covered many times, most prominently by Matasano > Security: http://www.matasano.com/articles/javascript-cryptography/
Hello everyone: This is what I call the server in the middle problem. I actually did my final career project about this [1]. Basically, we need the equivalent of SSL in the sense of standarization for end-to-end web security, or this problem will get worse and worse. Regards, -- [1] http://edulix.wordpress.com/2012/01/08/the-server-in-the-middle-problem-and-solution/ -- Eduardo -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
