[whatwg] Proposal for secure key-value data stores

Scott Hess shess at google.com
Wed Apr 14 21:25:57 PDT 2010


On Wed, Apr 14, 2010 at 5:23 PM, Nicholas Zakas <nzakas at yahoo-inc.com> wrote:
> I tried to articulate some of my thoughts as to why a generate purpose
> crypto isn’t enough to be useful and why trying to tack onto local storage
> could get messy:
>
> http://www.nczonline.net/blog/2010/04/13/towards-more-secure-client-side-data-storage/

I guess I don't understand why you think trying to tack it onto local
storage could get messy.  As you present it it would be messy, but
AFAICT it wouldn't be all that hard to write a JavaScript wrapper
which implements substantially the secure-storage interface you
propose using local-storage as a backend.  Doing it native would be
faster and perhaps more secure, but in terms of proving out the
interface itself those aren't really relevant.

-scott



More information about the whatwg mailing list