top | item 4810964

(no title)

doug11235 | 13 years ago

I read that article as explaining why a web application can't do crypto with javascript. As someone that knows almost nothing about browser extensions, can you elaborate on why one isn't a good idea for chrome?

discuss

jlgreco|13 years ago

The sections "How are browsers hostile to cryptography?", "What systems programming functionality does Javascript lack?", "What else is the Javascript runtime lacking for crypto implementors" cover issues you would encounter with browser extension cryto.

doug11235|13 years ago

I didn't realize extensions were largely javascript. Thanks for the pointers.

sneak|13 years ago

Presuming you're securing against gmail monitoring, Google in this case would be the eavesdropper/attacker.

Google controls the key/cert that allows for Chrome extension updating...

mtgx|13 years ago

I think you could at least have it implemented in NaCl in Chrome, if the Javascript versions fail.