[cryptography] crypto.cat

natanael.l at gmail.com natanael.l at gmail.com
Sat Mar 31 17:28:50 EDT 2012

And javascript controls how it is used. Modify or add some JS and you can take the key.

2012-03-31 22:56 skrev James A. Donald:

On 2012-04-01 6:17 AM, natanael.l at gmail.com wrote:
> There are two issues IMHO:
> * SSL flaws/Javascript MITM/bad servers. Your key can be leaked.

According to the spec, your key remains on your browser.

So cannot be leaked unless your computer has been got at.


cryptography mailing list

natanael.l at gmail.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20120331/39a0c1d0/attachment.html>

More information about the cryptography mailing list