- From: Jeffrey Walton <noloader@gmail.com>
- Date: Sun, 11 Oct 2015 17:41:11 -0400
- To: Tony Arcieri <bascule@gmail.com>
- Cc: "public-web-security@w3.org" <public-web-security@w3.org>
On Sun, Oct 11, 2015 at 5:08 PM, Tony Arcieri <bascule@gmail.com> wrote: > On Sunday, October 11, 2015, Jeffrey Walton <noloader@gmail.com> wrote: >> >> Telling folks to upgrade to Windows 8 or 10 is just bike shedding. Its >> not a answer.... > > > Actually, I gave several options, all of which solve this problem: > > 1) Use this shim: https://github.com/vibornoff/webcrypto-shim > 2) Use a more modern browser > 3) Use a more modern OS Two and three are not really solutions, they are simply bikeshedding. Two can increase attack surface, and even violate policy. For example, a corporate policy may prohibit installing non essential software like the Firefox browser on a Windows server. For those who don't violate policy, they have an increased attack surface. The shim looks promising. But what's the point if WebCrypto is supposed to standardize these things? Why not forgo all the WebCrypto working group gyrations and skip to the shim? Jeff
Received on Sunday, 11 October 2015 21:41:39 UTC