
What’s wrong with in-browser cryptography? - mikecarlton
https://tonyarcieri.com/whats-wrong-with-webcrypto
======
RubyPinch
> So, in fact, the W3C is not telling us what algorithms to use at all. [so
> they'll all pick bottom-of-the-barrel-algos, which] in the hands of amateurs
> are akin to handling plutonium.

It isn't up to the browser to stop people shooting themselves in the foot,
"Why is your web app's download verifier so slow?" "Oh because some person's
blog demanded that only cryptographic functions he liked should be allowed, so
I had to use a javascript-based one instead" sounds like a pain in the ass,
but totally possible (mega, mediafire, etc), hypothetical

And browsers at this point in time are getting far better at making an
approximate "standard" for these kinds of things

> However, this approach just doesn’t work in a browser, as illustrated by the
> MEGApwn utility

Yes, this approach doesn't work in a system where you can't generate a number
on the other side of the sandbox. Hence, we should not try to make a system
that would allow putting/creating a number on the other side of the sandbox?
That logic is a bit daft, isn't it?

