Native JS Encryption

Mike Shaver mike.shaver at gmail.com
Sat Mar 19 13:12:23 PDT 2011


On Sat, Mar 19, 2011 at 10:09 AM, Mark S. Miller <erights at google.com> wrote:
> I agree about outside domain experts. In fact, I wish we could invite
> outside domain experts to participate in all tc39 activities as we deem
> appropriate. I do not understand the rationale for bounding invited expert
> participation.

I think this would be a good idea.  If nothing else, providing "raw"
crypto APIs can be a footgun, given the difficulties in actually using
these ciphers and key management systems correctly.

Thomas Ptacek has a good post on this, and I've invited him to send me
an elaboration that I'll forward to the group.

http://chargen.matasano.com/chargen/2009/7/22/if-youre-typing-the-letters-a-e-s-into-your-code-youre-doing.html

TL;DR, at the risk of my mis-summarizing Thomas' excellent exposition:
APIs like Google's Keyczar, which provide a more complete and
harder-to-misuse set of capabilities, would likely be a better idea,
and invite fewer missteps.  They would not be simple to implement
robustly, and neither Keyczar nor cryptlib are licensed liberally
enough to be baked into all implementations.  That's a sign that it's
a hard problem more than that those are bad solutions, though.

Mike
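
An added illustration of the "footgun" point above (not part of the original message, and not Keyczar's or cryptlib's API): the same message protected with a raw cipher call and with a small seal/open wrapper, using Node.js's built-in `crypto` module. The names `sealBox` and `openBox`, and the sample message, are assumptions made for this example.

```javascript
const crypto = require("crypto");

// Raw primitive use: AES-256-CBC with no integrity check (the footgun).
function rawEncrypt(key, plaintext) {
  const iv = crypto.randomBytes(16);
  const c = crypto.createCipheriv("aes-256-cbc", key, iv);
  return Buffer.concat([iv, c.update(plaintext, "utf8"), c.final()]);
}
function rawDecrypt(key, blob) {
  const d = crypto.createDecipheriv("aes-256-cbc", key, blob.subarray(0, 16));
  return Buffer.concat([d.update(blob.subarray(16)), d.final()]).toString("utf8");
}

// Hypothetical harder-to-misuse wrapper: the caller never picks a mode,
// nonce or tag. Layout: 12-byte nonce | 16-byte GCM tag | ciphertext.
function sealBox(key, plaintext) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, nonce);
  const ct = Buffer.concat([c.update(plaintext, "utf8"), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), ct]);
}
function openBox(key, blob) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  // final() throws if the nonce, tag or ciphertext was altered.
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]).toString("utf8");
}

// Simulate one bit of corruption or tampering in transit.
function flipBit(blob, index) {
  const copy = Buffer.from(blob);
  copy[index] ^= 0x01;
  return copy;
}

function demo() {
  const key = crypto.randomBytes(32);
  const msg = "amount=100&to=alice"; // constructed sample message
  // CBC decrypts the altered blob without complaint: the flipped IV bit
  // carries straight through into the first plaintext block.
  const rawResult = rawDecrypt(key, flipBit(rawEncrypt(key, msg), 7));
  let sealedResult;
  try {
    sealedResult = openBox(key, flipBit(sealBox(key, msg), 7));
  } catch (err) {
    sealedResult = "rejected"; // authentication failure is surfaced
  }
  return { msg, rawResult, sealedResult };
}
```

The raw version returns a silently altered message, while the wrapper refuses the same altered blob; nothing in the raw API signals that an integrity check was needed.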


More information about the es-discuss mailing list