- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Tue, 7 May 2013 21:49:13 +0200
- To: public-rww <public-rww@w3.org>
- Message-ID: <CAKaEYh+ooE0eSDdyjbQPVL-Ye03v+-TvTOUO48pnUZj1a6HffQ@mail.gmail.com>
Still very much bleeding edge but this is expected to eventually implement the crypto in the browser API http://polycrypt.net/ *Description * Web apps are cool. Secure web apps are cooler. The W3C WebCrypto working group <http://www.w3.org/2012/webcrypto/> is developing a crypto API for the DOM <http://www.w3.org/TR/WebCryptoAPI/>. Ultimately, that should let web apps get access to the high-grade crypto that's already in browsers. Unfortunately, that means that web developers can't play with the API until the browser vendors have it implemented. In the mean time, we're trying to create a pure JavaScript implementation of the WebCrypto API that people can use to get a feel for how they can use the API in practice. This implementation might be useful after the API is in browsers, as a polyfill for non-upgraded browsers. But that's a secondary use case for us, due to the security risks of pure JS crypto<http://www.matasano.com/articles/javascript-cryptography/>. (That's also why we don't have HTTPS enabled for this server, as a reminder not to use PolyCrypt when real security is required.) Our latest release implements a recent draft<http://dvcs.w3.org/hg/webcrypto-api/raw-file/60de9e02a40b/spec/Overview.html>of the Web Cryptography API from the W3C's WebCrypto working group. Check out our demo page <http://demo.polycrypt.net> to see it in action.
Received on Tuesday, 7 May 2013 19:49:42 UTC