[cryptography] crypto.cat

Nadim nadim at nadim.cc
Sat Mar 31 17:33:29 EDT 2012


This strikes me as a sizeable assumption. 

NK


On Saturday, 31 March, 2012 at 5:28 PM, natanael.l at gmail.com wrote:

> 
> And javascript controls how it is used. Modify or add some JS and you can take the key.
> 
> 
> 
> 2012-03-31 22:56 skrev James A. Donald:
> On 2012-04-01 6:17 AM, natanael.l at gmail.com (mailto:natanael.l at gmail.com) wrote:
> > There are two issues IMHO:
> >
> > * SSL flaws/Javascript MITM/bad servers. Your key can be leaked.
> 
> According to the spec, your key remains on your browser.
> 
> So cannot be leaked unless your computer has been got at.
> _______________________________________________
> cryptography mailing list
> natanael.l at gmail.com (mailto:natanael.l at gmail.com)
> http://lists.randombit.net/mailman/listinfo/cryptography
> 
> 
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net (mailto:cryptography at randombit.net)
> http://lists.randombit.net/mailman/listinfo/cryptography
> 
> 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20120331/76d8ae86/attachment.html>


More information about the cryptography mailing list