Y
Hacker News
new
|
ask
|
show
|
jobs
by
attilak
4091 days ago
Nice idea, sadly only as secure as https.
1 comments
eliaskg
4091 days ago
As all clients need a password to enter a room, the messages could be encrypted with that password. There are a lot of JS libraries that could do this, e.g. Triplesec
link
icebraining
4091 days ago
http://matasano.com/articles/javascript-cryptography/
link
knadh
4091 days ago
Author here. Right now, it's only as secure as https, but I'll look into JS encryption. It's just a fun project that came out of some Go experiments.
link
lclarkmichalek
4091 days ago
Still would only be as secure as https if the client is downloading your JS crypto lib every visit.
link
attilak
4091 days ago
Would it be safe to keep the crypto lib on the client somehow? Browser addon? local storage? How would we do that?
link
rakoo
4091 days ago
https://webpg.org/
link