Il 10/28/13 3:14 PM, Guido Witmond ha scritto:
> I know that this kind of argument attract crypto-trolling ("Javascript encryption" and "Unauthenticated encryption" and "Opportunistic encryption") but i think that it's worth discussing because it could be a revolutionary approach to challenge massive wiretapping. What does various people think about this approach?
>
> One question: How does the javascript get to the browser without any
> interference from intermediate parties?
No protection against active attacks.

The purpose is to defeat massive wiretapping that's a passive.

Active attacks are mostly for targetted attacks, so outside the scope.

There was many interesting discussion about the likelyhood to implement a PoC like this in a very simplified way, of easy integration with existing web applications:
https://github.com/digitalbazaar/forge/issues/84

--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org