On Tue, Jan 14, 2014 at 6:53 PM, Tony Arcieri <basc...@gmail.com> wrote: > ... > http://cryptosphere.org > > I also detail the present unsuitability of the browser for cryptographic > applications in this blog post: > > http://tonyarcieri.com/whats-wrong-with-webcrypto
i see what you did there. browser based crypto... pointed to localhost! touché! ;) agree with your premises: - failure to provide cryptographic lower bounds - failure to do crypto outside insecure browser - failure in trusting https however i would go further in that cryptosphere demands defense in depth; put your trusted localhost in an environment isolated from the browser entirely; Qubes style. best regards, -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.