[tahoe-dev] new project

David-Sarah Hopwood david-sarah at jacaranda.org
Thu Sep 6 03:24:34 UTC 2012


On 05/09/12 04:47, Tony Arcieri wrote:
> On Tue, Sep 4, 2012 at 8:40 PM, David-Sarah Hopwood <david-sarah at jacaranda.org
> <mailto:david-sarah at jacaranda.org>> wrote:
> 
>     Well, not really. They can't fix security flaws without patching the
>     browser code, which is sort-of technically possible, but impractically
>     fragile. Fortunately, HTML5 sandbox addresses the same-origin issues at
>     least to the extent of being able to reliably create frames that have
>     their own unique origin.
> 
> Curious what you have to say in regard to that and CryptoCat... but perhaps that's worthy
> of its own thread elsewhere ;)

I agree 100% with <http://www.matasano.com/articles/javascript-cryptography/>.
HTML5 sandbox doesn't change anything there.

-- 
David-Sarah Hopwood ⚥

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20120906/d4176500/attachment.asc>


More information about the tahoe-dev mailing list