- From: James Marshall <james@jmarshall.com>
- Date: Tue, 25 Mar 2014 13:57:49 -0700
- To: public-webcrypto-comments@w3.org
- Message-ID: <CAGEp=f0Ew_SeHV0+knFK7ogkAg94-iSU2QA8xfdYDDDhsrXS_A@mail.gmail.com>

New here... glad to see work happening on this. I've wanted client-side
encryption for a while.

In the current draft, is there any protection against a compromised or
malicious server learning decrypted content, e.g. by having JS that
decrypts data and then sends that back to the server? Ideally, client-side
encryption can protect data from a malicious server. For example, I'd like
to see a webmail site with full end-to-end encryption, without making us
trust the server at all. CSP helps, but is not a full solution.

If this hasn't been addressed, I think of two possible solutions, neither
one very good:

1) Use a kind of "taint", where decrypted data and all data derived from it
is prevented from being sent back to a server.

2) Use HTML to define an element to display decrypted data, without
allowing JS to access the content of that element. Something like

    <div id="mysecret" type="encrypted" algorithm="..." ...></div>

... and something similar for an input field that is to be encrypted before
JS can access its data.

Am I missing something, and has this been addressed?

Thanks,
James

Received on Tuesday, 25 March 2014 21:05:04 UTC
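
An added illustration of the gap the message asks about (not part of the original post and not code from the Web Crypto draft): with a key generated as non-extractable, the API refuses to hand the key bytes to script, but `decrypt` still returns the plaintext to whatever script the page is running. The function name `whatPageScriptCanRead`, the AES-GCM parameters and the sample message are assumptions made for this example.

```javascript
// Runs in a browser console or in Node; picks whichever Web Crypto object exists.
const wc = (globalThis.crypto && globalThis.crypto.subtle)
  ? globalThis.crypto
  : require('node:crypto').webcrypto;

// Hypothetical helper: reports what script on the page can and cannot obtain
// when the key is created with extractable = false.
async function whatPageScriptCanRead() {
  const key = await wc.subtle.generateKey(
    { name: 'AES-GCM', length: 256 },
    false,                      // extractable = false: key bytes stay inside the UA
    ['encrypt', 'decrypt']);

  const iv = wc.getRandomValues(new Uint8Array(12));
  const message = 'constructed sample mail body';   // constructed sample input
  const ciphertext = await wc.subtle.encrypt(
    { name: 'AES-GCM', iv }, key, new TextEncoder().encode(message));

  // 1. Raw key material: exportKey rejects for a non-extractable key.
  let keyExportRefused = false;
  try {
    await wc.subtle.exportKey('raw', key);
  } catch (err) {
    keyExportRefused = true;
  }

  // 2. Plaintext: returned to the calling script as an ordinary ArrayBuffer.
  //    Nothing in the API marks it as tainted or restricts where it may go,
  //    so protection of the plaintext rests on trusting the script itself.
  const plainBuf = await wc.subtle.decrypt(
    { name: 'AES-GCM', iv }, key, ciphertext);
  const plaintextSeenByScript = new TextDecoder().decode(plainBuf);

  return {
    keyExportRefused,
    plaintextSeenByScript,
    ciphertextBytes: ciphertext.byteLength,   // message bytes + 16-byte GCM tag
  };
}
```

The non-extractable flag therefore limits theft of the key, not disclosure of the decrypted data to page script, which is the property the taint and protected-element proposals above are aiming at.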