W3C home > Mailing lists > Public > public-webcrypto@w3.org > June 2012

Re: taxonomy and use cases

From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 29 Jun 2012 13:31:51 -0700
Message-ID: <CABcZeBOwC8dDLS+=Thfi1SNz1u3TaKHn5Q0A6YgZYO-ZGY7OJw@mail.gmail.com>
To: Zooko Wilcox-OHearn <zooko@leastauthority.com>
Cc: public-webcrypto@w3.org
On Fri, Jun 29, 2012 at 2:55 AM, Zooko Wilcox-OHearn
<zooko@leastauthority.com> wrote:
> * Code to perform key negotiation (OTR-style) and data encryption for
>  real-time messaging (secure IM) over websockets or WebRTC. Initially
>  it could be done in web-content (still vulnerable to the code
>  provider), but could migrate to an addon. Needs DH (curve25519 would
>  be great), AES (in some authenticated-encryption mode), or just some
>  high-level box/unbox primitives.

Side note: WebRTC will provide this functionality between the browsers
out of the box. I.e., all browser-browser data channels are to be encrypted
with DTLS. Obviously, this doesn't solve your problem with Websockets.

-Ekr
Received on Friday, 29 June 2012 20:32:59 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 29 June 2012 20:33:00 GMT