On Wed, Jul 16, 2014 at 5:04 PM, Olivier Goffart <[email protected]> wrote:
> > A good read: http://matasano.com/articles/javascript-cryptography/ > > In summary, if you can't trust the server that it does the encryption, then > you also can't trust that it does not serve you bad javascript that sends > to > the server the encryption keys. > > I agree, that's why we would ultimately need to have a client software that can be compiled from source on your own machine :), so that the encryption is done totally without the help of server Server shall only store the encrypted stuff and anything else it can do without understanding its encryption. -- Emre
_______________________________________________ User mailing list [email protected] http://mailman.owncloud.org/mailman/listinfo/user
