An oldie, somewhat OT.
   I enjoyed CF's bit of engineering here - of course CF is still a point
   where they are working with injectable plaintext. At least they don't
   have your private key material.
   [1]https://blog.cloudflare.com/keyless-ssl-the-nitty-gritty-technical-d
   etails/
   What would be solid is if there were a browser module that did several
   things:
   Eliminated JavaScript dynamic calls (eval, new function(), setTimeout,
   setInterval, so on.)
   Eliminate 3rd party assets.
   Allowed web assets to be signed.
   Allowed sets of web assets to be versioned (and attested to by 3rd
   parties.)
   Dynamic HTML and JS (read, non-static HTML & JS) would not be
   supported.
   The combination of signing, versioning and lack of dynamic features
   paves the way for uninjectable, client-side in browser
   encryption/decryption. Something AFAIK we cannot do today. Is anyone
   working on it?
   -Travis
   On Wed, Sep 30, 2015 at 11:23 AM, Georgi Guninski
   <[2]guninski@guninski.com> wrote:

     On Wed, Sep 30, 2015 at 01:26:18AM -0400, grarpamp wrote:
     > [3]https://twitter.com/Snowden
     How this scores on twatter:
     1.03 meeelion followers for about 23 hours on twatter?
     (not sure about the error terms).

   --
   [4]Twitter | [5]LinkedIn | [6]GitHub | [7]TravisBiehn.com | [8]Google
   Plus

References

   1. https://blog.cloudflare.com/keyless-ssl-the-nitty-gritty-technical-details/
   2. mailto:guninski@guninski.com
   3. https://twitter.com/Snowden
   4. https://twitter.com/tbiehn
   5. http://www.linkedin.com/in/travisbiehn
   6. http://github.com/tbiehn
   7. http://www.travisbiehn.com/
   8. https://plus.google.com/+TravisBiehn