Re: WebCrypto Security Analysis from Aymeric Vitte on 2014-03-28 (public-webcrypto@w3.org from March 2014)

From: Aymeric Vitte <vitteaymeric@gmail.com>
Date: Fri, 28 Mar 2014 01:17:25 +0100
To: Richard Barnes <rlb@ipv.sx>
CC: Ryan Sleevi <sleevi@google.com>, Mark Watson <watsonm@netflix.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>, Kelsey Cairns <kelsey.cairns@inria.fr>
Message-ID: <5334BF95.9090504@gmail.com>

No, as I wrote, other lists feedback is useless.

Please, answer the question.

Le 28/03/2014 00:06, Richard Barnes a écrit :
> This is really not the list for this discussion.  Please take it to 
> webappsec if you want to continue.
>
>
> On Thu, Mar 27, 2014 at 6:36 PM, Aymeric Vitte <vitteaymeric@gmail.com 
> <mailto:vitteaymeric@gmail.com>> wrote:
>
>
>     Le 27/03/2014 22:01, Ryan Sleevi a écrit :
>
>         Sure, and on Chrome, we're changing this behaviour to match
>         Firefox (we found multiple compatibility issues each time we
>         tried - I'm surprised Firefox/IE did not, but they already
>         treat ws:// and http XHRs as active mixed content that is
>         blocked). Although we're far away from the topic at hand.
>
>     What do you mean? If you can not use wss then http with ws is
>     better than https with ws? That's not possible.
>
>     Regards
>
>     Aymeric
>
>
>     -- 
>     Peersm : http://www.peersm.com
>     node-Tor : https://www.github.com/Ayms/node-Tor
>     GitHub : https://www.github.com/Ayms
>
>

-- 
Peersm : http://www.peersm.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms

Received on Friday, 28 March 2014 00:17:57 UTC