On 25/02/12 09:32, Fabio Pietrosanti (naif) wrote: > I would also invite to consider in the "taxonomy of problems" the > possible way of deployments of JS crypto: > > - Mobile Application > Javascript can be used to build mobile applications (PhoneGap) where the > code is delivered compiled in a normal application. > > - Self-contained "offline" HTML5 Application > Single self-contained HTML5 application can be used by users, not > necessarily downloading it every time from the web. > Those can be online (interactive with external services via REST) or > offline (interacting with local data). > Two example are the "online" TiddlyWiki (http://www.tiddlywiki.com/) and > the "offline" SelfDecryptEmail (http://leemon.com/crypto/SelfDecrypt.html) > > - Pure Web application (web-delivered) > That's the most common context we think at and for which most security > risks are considered/perceived. > > - Browser plug-in application > That's the typical option to be provided and suggest to let the user > have a verification method for the JS code (code verification and/or > code delivery).
You forgot one. Server side JavaScript applications. I've recently started learning NodeJS (http://nodejs.org/) and am looking forward to using OpenPGP.js with it one day. -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: OpenPGP digital signature
_______________________________________________ http://openpgpjs.org
