Re: MSL from Mountie Lee on 2014-11-03 (public-webcrypto-comments@w3.org from November 2014)

From: Mountie Lee <mountie@paygate.net>
Date: Mon, 3 Nov 2014 14:04:28 +0900
To: Mitch Zollinger <mzollinger@netflix.com>
Cc: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
Message-ID: <CAE-+aYLsTZJG+WzxWkntwiJhsoZj4_TH8ZJ5H42+P-UWhaUkYg@mail.gmail.com>

Hi.

this is interesting.

a question I have is

how the message handler (normally javascript in client side) is protected?

MSL seams to give applicaton level protection for message on top of
transport layer.

without the protection of JS code which is handling message,
it will be very difficult to get reliability of message.

regards
mountie

On Mon, Nov 3, 2014 at 12:37 PM, Mitch Zollinger <mzollinger@netflix.com>
wrote:

> We released a WebCrypto based protocol called "Message Security Layer"
> (MSL) last week. If you're curious, have a look:
>
> http://techblog.netflix.com/2014/10/message-security-layer-modern-take-on.html
>
> Mitch Zollinger
>
>

-- 
Mountie Lee

PayGate
CTO, CISSP
Tel : +82 2 2140 2700
E-Mail : mountie@paygate.net

Received on Monday, 3 November 2014 05:05:17 UTC