Re: Request for feedback: DOMCrypt API proposal

----- Original Message -----
From: "Jarred Nicholls" <>
Sent: Monday, June 6, 2011 6:53:15 AM
Subject: Re: Request for feedback: DOMCrypt API proposal

>  I'm with Anders, we should flush out a well-thought user story first and
see what the target use cases are (specifically WRT key management and
consumption).  I'm good with seeing a v1 be simplified and inherently secure
by scoping its usage to same-origin 100%, and do a sibling spec later for
cross-origin & device key sharing.  Just a thought...

I agree, keeping these concerns for interoperability is important, but a simpler starting point is a necessity.

(Via comments here and elsewhere, I removed the addressbook API for this reason. I can see a web app able to provide an addressbook.  A web app addressbook can maybe become a prototype for a browser API down the road.)



Received on Monday, 6 June 2011 16:30:27 UTC