On Tue, Jul 29, 2014 at 6:53 AM, Lodewijk andré de la porte l...@odewijk.nl
wrote:
JavaScript cryptography is possible, there are usecases, and it is
*definitely* *not *considered harmful by default.
By default you aren't using HTTPS, HSTS, and CSP. Without these things,
doing cryptography in
On Sat, Jul 26, 2014 at 2:57 PM, Theodore Ts'o ty...@mit.edu wrote:
On Sat, Jul 26, 2014 at 05:03:46PM +0200, Lodewijk andré de la porte wrote:
WHAT'S THE CHICKEN-EGG PROBLEM WITH DELIVERING JAVASCRIPT CRYPTOGRAPHY?
Somebody, please, give me something to say against people that claim JS
On 26/07/2014 16:03 pm, Lodewijk andré de la porte wrote:
http://matasano.com/articles/javascript-cryptography/
...
Somebody, please, give me something to say against people that claim JS
client side crypto can just never work!
It's like opportunistic security; it's the best you get in a