Hi, Several people are creating browser plugins that rely on openssl. Would it be a good idea to create a browser plugin that implements just the openssl library?
Now, in php i can call openssl_sign() serverside. Then, client-side, things would be equally fantastic: my javascript could execute openssl.verify(), referring to an application/x-openssl object which would prompt the end user to see 'you need the OpenSSL plugin, published by OpenSSL.org, to view this webpage'. i could attempt the initial development of this plugin (with firebreath it's easy to create browser plugins, and it would only be a one-to-one 'binding' of the existing v1.0 library interface, really). i can however not (at this point) commit to long-term ownership of it. also, it would be publicly seen as something related to openssl as a trustworthy brand. alternatively, everybody who wants to do e2ee can publish an almost identical browser plugin, under their own brand. Or, more likely, people wanting to do e2ee will give up when they find out it would involve writing a browser plugin (i saw this happen recently to a project that would have been extremely promising, would they not have dropped e2ee). has this possibility been considered? (i searched the logs of this list but couldn't find any references) many thanks, Michiel de Jong twitter.com/unhosted
