WebCrypto is relativley new but it is already used in some very popular services, some of which include:
| Description | |
|---|---|
| openpgpjs | Uses WebCrypto to protect email. |
| 1Password Teams | 1Password for Teams uses WebCrypto to make sharing passwords easy. |
Ryan Hurst rmhrisk
rmhrisk
/ gist:0c8acb2986c87dd1e38a
Created
June 30, 2014 23:10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am rmhrisk on github. | |
| * I am rmhrisk (https://keybase.io/rmhrisk) on keybase. | |
| * I have a public key whose fingerprint is 5000 49AF 1C7F AC3D 289C F1DB CC09 BF9C 8C1F A332 | |
| To claim this, I am signing this object: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Verifying that +rmhrisk is my Bitcoin username. You can send me #bitcoin here: https://onename.io/rmhrisk |
rmhrisk
/ The things that use WebCrypto.md
Last active
October 7, 2016 23:49
What things use WebCrypto?
rmhrisk
/ How to flush your OCSP cache.md
Last active
October 14, 2016 15:23
rmhrisk
/ The PDF is dead, long live the PDF.md
Last active
November 5, 2016 18:24
PDF was initially released over 23 years ago, it solved a very important problem. How could you provide an electronic equivalent to paper?
As a standard, like most things evolved over decades, it’s actually pretty awful. The specification reads like it was designed by an army of people who seldom spoke and had no long term plan.
That said, it is without a doubt still one of the most important file formats on the web. Its issues are a direct result of the era it was designed in, open standards were far from the norm, the desktop was king, and the internet was primarily used for email.
A lot has changed since then, but PDF itself, though it has had more features added to its specification, has not materially changed much. Some of the larger issues with the format include:
- They are often bloated large documents making them slow to download and render,
- The layout is generally fixed and not responsive making them awkward to read on a mobile device,
Ryans-MBP:room_react_skylink rmh$ ping google.com
PING google.com (216.58.193.78): 56 data bytes
64 bytes from 216.58.193.78: icmp_seq=0 ttl=55 time=6.156 ms
64 bytes from 216.58.193.78: icmp_seq=1 ttl=55 time=5.830 ms
64 bytes from 216.58.193.78: icmp_seq=2 ttl=55 time=7.903 ms
64 bytes from 216.58.193.78: icmp_seq=3 ttl=55 time=7.963 ms
64 bytes from 216.58.193.78: icmp_seq=4 ttl=55 time=6.510 ms
64 bytes from 216.58.193.78: icmp_seq=5 ttl=55 time=4.856 ms
64 bytes from 216.58.193.78: icmp_seq=6 ttl=55 time=6.755 ms
We do security-oriented development in Javascript on both the server (Node) and in the browser and strive to share code whenever possible. This led us to build a few different libraries based on Web Crypto, the first of which was PKIjs.
The first commit to PKIjs, our PKI library for browsers based on Web Crypto, was in February of 2014. When we started this project Web Crypto was basically only supported by Chrome. Today that picture has changed a lot and all major browsers support it to varying degrees.
Using Web Crypto made sense to use as the cryptographic library for this project for a few reasons, one of the largest being the risks associated with Javascript based cryptography.
Though browser support for Web Crypto has improved significantly there are still a [few rough edges](https://www.boxcryptor.com/de/blog/post/bui
Edge
Safari
Chrome
Firefox
rmhrisk
/ Web Crypto and Web Application Security Basics.md
Last active
July 12, 2019 07:42
Web Crypto and Web Application Security Basics
If you are going to be using Web Crypto in your application you better also get the basics of Web Security in your application taken care of. This is a list of resources that are useful when looking at the security of a web application.
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as "SSL", are cryptographic protocols that provide communications security over a computer network.
rmhrisk
/ Progressive Web Applications, Isomorphic Javascript and Web Crypto.md
Last active
June 3, 2020 08:41
Progressive Web Applications, Isomorphic Javascript and Web Crypto
A Progressive Web Appplication uses modern web capabilities to deliver an app-like user experience, these applications are sometimes built as isomorphic web applications. In these cases, much of the code that runs on the client also runs the server.
This combination of approaches and the various technologies that make them possible are being used to build a new class of web applications that can often come together quicker and in many cases are indistinguishable from native applications.
So much so, thanks to Electron, you can often wrap these web applications as "native applications". These web-native applications look great too, if you use Slack or Visual Studio Code you know what I am talking about.
I believe Web Crypto is a great addition to this toolchain. With the Web Crypto these applications can incorporate strong,
OlderNewer