Re: Draft blog post for WebCrypto API from Zooko Wilcox-OHearn on 2012-10-22 (public-webcrypto@w3.org from October 2012)

From: Zooko Wilcox-OHearn <zooko@leastauthority.com>
Date: Mon, 22 Oct 2012 13:12:58 -0600
To: Harry Halpin <hhalpin@w3.org>
Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CAM_a8JyHspzLeMYn_k3m7Z44_83A0+hyfVzDAqtohTdPmTyGCQ@mail.gmail.com>

On Sat, Oct 20, 2012 at 11:40 AM, Harry Halpin <hhalpin@w3.org> wrote:
>
> Given that there is already cryptography in the browser hidden under TLS,
> this API simply exposes low-level cryptographic functionality to WebApp
> developers through a standardized interface, with the value of the API being
> given by enabling applications that require features such as
> cryptographically strong random number generation, constant-time
> cryptographic primitives, and a secure keystore. No one doubts that without
> these functions, Javascript web cryptography would be a good idea.

Is this supposed to say that no one doubts that *with* these
functions, Javascript web cryptography would be a good idea?

Received on Monday, 22 October 2012 19:13:25 UTC