[tahoe-dev] new project
David-Sarah Hopwood
david-sarah at jacaranda.org
Thu Sep 6 03:24:34 UTC 2012
On 05/09/12 04:47, Tony Arcieri wrote:
> On Tue, Sep 4, 2012 at 8:40 PM, David-Sarah Hopwood <david-sarah at jacaranda.org
> <mailto:david-sarah at jacaranda.org>> wrote:
>
> Well, not really. They can't fix security flaws without patching the
> browser code, which is sort-of technically possible, but impractically
> fragile. Fortunately, HTML5 sandbox addresses the same-origin issues at
> least to the extent of being able to reliably create frames that have
> their own unique origin.
>
> Curious what you have to say in regard to that and CryptoCat... but perhaps that's worthy
> of its own thread elsewhere ;)
I agree 100% with <http://www.matasano.com/articles/javascript-cryptography/>.
HTML5 sandbox doesn't change anything there.
--
David-Sarah Hopwood ⚥
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20120906/d4176500/attachment.pgp>
More information about the tahoe-dev
mailing list