Re: Use Case: Cryptographic primitives can help check source integrity before executing Javascript code previously stored in local storage. from Tom Ritter on 2012-08-17 (public-webcrypto-comments@w3.org from August 2012)

From: Tom Ritter <tom@ritter.vg>
Date: Fri, 17 Aug 2012 09:09:50 -0400
To: Tobie Langel <tobie@fb.com>
Cc: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
Message-ID: <CA+cU71=AmbDtVaiNc1iA-dHUKPbbAkObSxkvBhn_brRkMLpZ7A@mail.gmail.com>

A use case mentioned on the wiki that may encompass this is verifying
the integrity of *any* javascript include (file or localStorage)
before executing it.  If I include a third-party library of
jquery.1.8.2.js from a third party server that file should never
change - I ought to be able to specify a hash or signature or
something.  But keeping the use cases separate (especially because
Facebook seems to have fleshed this idea out thoroughly) is fine too.

-tom.

Received on Friday, 17 August 2012 13:15:53 UTC