On 11/1/12 10:13 AM, "Richard L. Barnes" <rbarnes@bbn.com<mailto:rbarnes@bbn.com>> wrote: I think End-to-End encryption is easily implementable with current webcrypto API spec. My feeling is that truly private, end-to-end encryption using the WebCrypto API (or indeed any JS crypto library) is only possible if implemented in an open-source browser extension, such as Cryptocat. As far as I can tell, it is not possible in a web app using the WebCrypto API. standardization for E2E is diffucult issue. Probably, but some reasonably simple standards should be possible. For example, encrypting/decrypting text and encrypting/decrypting files look like two relatively simple and fairly general use cases. Best regards, Arthur If you don't trust the downloaded JavaScript, why are you using a web app? If you have to download a browser extension, then you might as well install a dedicated application. ISTM that your definition of E2E is not really germane to this working group. Exactly my opinion as well. Well said. --RichardReceived on Thursday, 1 November 2012 21:18:47 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 1 November 2012 21:18:48 GMT