Time for IETF witch hunt? (was: NSA Co-Chairs of Crypto Forum Research Group, Legitimacy of WebCrypto API in Doubt)
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sun Oct 26 02:38:08 PDT 2014
"Meredith L. Patterson" <mlp at upstandinghackers.com> writes:
>WebCrypto is a shitshow in large part because the people at its wheel
>perceive a need for JavaScript programmers to make decisions about what
>cipher mode to use. They're dead-set on forcing developrs who write
>Javascript because C is hard to make low-level decisions that affect the
>reliability of their code in profound and non-obvious ways, and refuse to
>understand that this approach never ends well.
+1.
(But then not allowing people to make their preferred crypto fashion statement
would also be removing their freedom to shoot themselves in the foot with a
machine-gun. In any case as a security researcher I don't know what you're
complaining about, you're getting a guaranteed lifetime supply of material for
future presentations at Defcon/Black Hat/etc).
Peter.
More information about the cypherpunks
mailing list