Il 10/28/13 3:14 PM, Guido Witmond ha scritto:
   > I know that this kind of argument attract crypto-trolling
   ("Javascript encryption" and "Unauthenticated encryption" and
   "Opportunistic encryption") but i think that it's worth discussing
   because it could be a revolutionary approach to challenge massive
   wiretapping. What does various people think about this approach?
   >
   > One question: How does the javascript get to the browser without any
   > interference from intermediate parties?
   No protection against active attacks.
   The purpose is to defeat massive wiretapping that's a passive.
   Active attacks are mostly for targetted attacks, so outside the scope.
   There was many interesting discussion about the likelyhood to implement
   a PoC like this in a very simplified way, of easy integration with
   existing web applications:
   [1]https://github.com/digitalbazaar/forge/issues/84
   --
   Fabio Pietrosanti (naif)
   HERMES - Center for Transparency and Digital Human Rights
   [2]http://logioshermes.org - [3]http://globaleaks.org -
   [4]http://tor2web.org

References

   1. https://github.com/digitalbazaar/forge/issues/84
   2. http://logioshermes.org/
   3. http://globaleaks.org/
   4. http://tor2web.org/