Native JS Encryption

Boris Zbarsky bzbarsky at MIT.EDU
Mon Mar 21 05:22:39 PDT 2011


On 3/21/11 4:40 AM, Erik Corry wrote:
> You want to protect the user from a compromise of Mozillas servers,

We also want to protect the user from a subpoena served to Mozilla, for 
example.  This means we must never have the data on our side, and this 
means the encryption needs to happen on the client, period.  This is not 
negotiable for proper functioning of the feature in question.

-Boris


More information about the es-discuss mailing list