[whatwg] window.cipher HTML crypto API draft spec
Ian Fette (イアンフェッティ)
ifette at google.com
Tue May 24 09:52:50 PDT 2011
I personally find this to be a very interesting and potentially useful
proposals. One of the problems that we / the web face is a legal requirement
faced by many Asian banks (esp. Korea) to digitally sign all transactions.
To meet this requirement, they use ActiveX controls, as the platform doesn't
really give them the primitives they need. This seems like it should give
them what they need, but I would be very interested in knowing whether
there's more that would be needed or whether this would actually suffice.
It would be good if we can figure out whether this is sufficient for e.g.
Korean banking requirements, and if not, what else would be necessary. Does
anyone have contacts with the relevant industry groups?
On Fri, May 20, 2011 at 8:04 AM, David Dahl <ddahl at mozilla.com> wrote:
> Hello WHATWG members,
> With user control and privacy in mind, I have created a spec and an
> implementation for an easy to use cryptography API called DOMCrypt. This API
> will provide each web browser window with a 'cipher' property that
> * asymmetric encryption key pair generation
> * public key encryption
> * decryption
> * signature generation
> * signature verification
> * hashing
> * easy public key discovery via meta tags
> I have created a Firefox extension that implements all of the above, and am
> working on an experimental patch that integrates this API into Firefox.
> The draft spec is here:
> The project originated in an extension I wrote, the home page is here:
> The source code for the extension is here:
> The Mozilla bugs are here:
> You can test the API by installing the extension hosted at domcrypt.organd
> addons.mozilla.org, and going to http://domcrypt.org
> Best Regards,
> David Dahl
> Firefox Engineer, Mozilla Corp.
More information about the whatwg