[maradydd]

The W3C working group will eventually produce a crypto API standard, though whether that standard will meet the requirements you describe remains to be seen. In particular, it exposes primitives (the proposed API can definitely be called in unsound ways), which a whole lot of people think is a terrible idea but which the standard editor seems bound and determined to ship. It's very frustrating.

[tptacek]

That's because W3C's goal in having a cryptography standard isn't security, but rather interoperability; they see encryption as another step towards making the web a first-class application development environment. Without it, they can't get Netflix to run on pure "open" web technology.

It's unfortunate, because we could use a secure browser crypto interface much more than we could use better browser interoperability with random non-web technology. But our industry is, of course, fundamentally unserious about security.