- From: Aymeric Vitte <vitteaymeric@gmail.com>
- Date: Wed, 15 May 2013 18:10:17 +0200
- To: Arun Ranganathan <arun@mozilla.com>
- CC: "public-webcrypto@w3.org Group" <public-webcrypto@w3.org>
Received on Wednesday, 15 May 2013 16:08:15 UTC
Yes, sorry, I did not realize it was related to my mega cookie story and mixed things. Regards, Le 14/05/2013 22:00, Arun Ranganathan a écrit : > On May 13, 2013, at 4:38 PM, Aymeric Vitte wrote: > >> In another email, you wrote "2. The key can be shared with origin 2 >> via cross-origin messaging." >> (http://lists.w3.org/Archives/Public/public-webcrypto/2013May/0036.html), >> I don't see how CORS could apply here, withCredentials or not, CORS >> is only about sending/receiving things to/from other origins and >> sharing some stringyfiable things or cookies uses, you can not share >> keys, the best you can do is to send some information to allow >> another origin to find the keys. >> >> Maybe I am missing something but what is the idea here? > > > (I was responding to your point about IndexedDB being a "mega-Cookie" > and unwisely elected to discuss differences in how Cookies can be used > vs. client-side stores. I'm sorry if this was confusing. These > technologies are unrelated to our discussion of Crypto and > cross-origin messaging.) > -- jCore Email : avitte@jcore.fr iAnonym : http://www.ianonym.com node-Tor : https://www.github.com/Ayms/node-Tor GitHub : https://www.github.com/Ayms Web : www.jcore.fr Webble : www.webble.it Extract Widget Mobile : www.extractwidget.com BlimpMe! : www.blimpme.com
Received on Wednesday, 15 May 2013 16:08:15 UTC