Profile cover photo
Profile photo
Zach Szafran
1,684 followers
1,684 followers
About
Zach's posts

Post has shared content
In work-related news, the Web Crypto API has now advanced to First Public Working Draft.

It was one of the first projects I got involved with when I started at Google, and perhaps the most involved one thus far, now that I'm "editing" it. The goal is "simple" enough, in that it seeks to provide a low-level cryptographic API for Javascript.

Along with other technologies, such as CSP [1]  or HSTS [2], it's, in part, trying to solve the "Javascript Cryptography Considered Hamrful" problem [3].

A secure RNG. Constant-time cryptographic primitives. A secure keystore. These are the sort of fundamentals from which a wide variety of richer applications can emerge. Just look at some of the use cases [4] that finally become possible.

So if you like Javascript, or if you care about crypto, check it out, and send feedback to public-webcrypto-comments@w3.org.

Please note: The API is rough. Very Rough. There's still a huge gap of known issues and missing normative text, and undoubtedly more than a few typos. That said, hopefully this document captures the idea and vision for what we're working on, and with feedback, can actually achieve.

[1] http://www.w3.org/TR/CSP/
[2] http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec
[3] http://www.matasano.com/articles/javascript-cryptography/
[4] http://www.w3.org/TR/WebCryptoAPI/#use-cases

Post has attachment
Didn't get deported this time

56 straight hours in flight/airport, 2 lost luggage and 1 deportation later...

Post has attachment
Next stop Zurich

Post has attachment
First stop, London

Post has attachment

Post has attachment

Post has attachment
Singly competition 

Post has attachment
Back to California

Post has attachment
Checkout this subreddit
Wait while more posts are being loaded