crypto.cat

Nadim | 31 Mar 2012 23:33

Re: crypto.cat

This strikes me as a sizeable assumption.

NK

On Saturday, 31 March, 2012 at 5:28 PM, natanael.l <at> gmail.com wrote:

And javascript controls how it is used. Modify or add some JS and you can take the key.

2012-03-31 22:56 skrev James A. Donald:

On 2012-04-01 6:17 AM, natanael.l <at> gmail.com wrote:
> There are two issues IMHO:
>
> * SSL flaws/Javascript MITM/bad servers. Your key can be leaked.

According to the spec, your key remains on your browser.

So cannot be leaked unless your computer has been got at.

_______________________________________________

cryptography mailing list

natanael.l <at> gmail.com
http://lists.randombit.net/mailman/listinfo/cryptography

_______________________________________________

cryptography mailing list

cryptography <at> randombit.net

http://lists.randombit.net/mailman/listinfo/cryptography

_______________________________________________
cryptography mailing list
cryptography@...
http://lists.randombit.net/mailman/listinfo/cryptography

Navigate

Go to gmane.comp.security.cryptography.randombit.

Topic

Go to the topic.

Search Archive

Language

Change language

Options

Current view: Threads only / Showing whole messages / Not hiding cited text.
Change to All messages, shortened messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane