As a reminder, W3C WebCrypto API [1] is currently in "Last Call Working Draft". Speak now or forever hold your peace, as they say. This is going to be in the browsers sooner than you think.
There is a lot to like, and a lot to dislike. Some things to dislike: (1) rejection of Curve 25519 as part of the standard. (2) "extractable" key insanity What is an extractable key? If a private key has the extractable flag set [2], then the javascript application will have access to the raw key material, presumably to send it to the server and back it up on the user's behalf. How convenient. Unless the user has control over whether this can be enabled or disabled, extractable keys are basically a giant backdoor that reduces the security of WebCrypto's key management to nothing much better than what we have now (trust the origin for everything). If you have comments, follow the directions on [1]. -elijah [1] http://www.w3.org/TR/WebCryptoAPI/ [2] http://www.w3.org/TR/WebCryptoAPI/#dfn-Key-extractable -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
