- From: David Dahl <ddahl@mozilla.com>
- Date: Fri, 3 Jun 2011 08:48:44 -0700 (PDT)
- To: Rich Tibbett <richt@opera.com>
- Cc: public-webapps@w3.org
----- Original Message ----- From: "Rich Tibbett" <richt@opera.com> To: "David Dahl" <ddahl@mozilla.com> Cc: public-webapps@w3.org Sent: Friday, June 3, 2011 6:25:15 AM Subject: Re: Request for feedback: DOMCrypt API proposal > I wonder whether the problem is actually just one of generating sufficiently cryptographically secure PRNGs or whether there are real benefits to creating a full-blown UA-based Crypto API and the can of worms that might open. With Firefox, we are sitting on top of a well tested, tried and true set of crypto APIs written in C that can be accessed via js-ctypes - and on a worker no less. I think your average web developer needs an elegant API that is using world class crypto under the hood instead of re-building the wheel. naturally, giving JavaScript a secure PRNG would be great. There is a lot of discussion on this subject here: https://bugzilla.mozilla.org/show_bug.cgi?id=322529 Cheers, David
Received on Friday, 3 June 2011 15:49:12 UTC