W3C home > Mailing lists > Public > public-web-security@w3.org > June 2011

Re: Request for feedback: DOMCrypt API proposal

From: David Dahl <ddahl@mozilla.com>
Date: Thu, 2 Jun 2011 09:33:13 -0700 (PDT)
To: amoreira@br.ibm.com
Cc: public-web-security@w3.org
Message-ID: <1025075633.101057.1307032393668.JavaMail.root@zimbra1.shared.sjc1.mozilla.com>
Alysson:

Some of my colleagues have also asked about this API handling the functionality of <keygen>. This is possible. 

The DOM will not be encrypted, the name is derived from the API being hosted in the window object, I have no plans to encrypt the entire DOM.

I will be adding the symmetric API to my implementation as soon as possible - it is basically written already, I just need to add the API front end.

Cheers,

David

----- Original Message -----
From: amoreira@br.ibm.com
To: public-web-security@w3.org
Sent: Thursday, June 2, 2011 10:10:27 AM
Subject: Re: Request for feedback: DOMCrypt API proposal

Hello David, This is a great suggestion and something that definitely 
should be pushed to the spotlights. 

A have a question abt the ways you are creating the public key, do you 
believe it's possible to integrate the API with some back-to-life element 
from HTML5, such as the <keygen> tag?

Do you believe that encryption may create problems related to reflows? 
Since the DOM will be crypted, when the reflow will happen? Prior the 
crypto or after that?

And more, the symmetric encryption is something that should be considered 
for further implementations.

Best regards;

_____________________________________
Alysson Franklin Martins Moreira
Front-End Engineer - IBM CIOLab
Received on Thursday, 2 June 2011 16:33:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 2 June 2011 16:33:42 GMT