undefined | Better HN

story

0 pointsdane-pgp8y ago0 comments

If your threat model says that Eve's webmail servers can be spoofed, then Alice can't use webmail at all, or possibly any websites. At that point, the security of PGP in JS is pretty much irrelevant.

0 comments

emj8y ago

I think that is one of the most obvious things that can happen, but no it only affects JS PGP that is integrated on a site you use. PGP in JS is still relevant because it makes it easier to download, verify and execute Javascript "anywhere", not as an integrated solution served by a third party. Sadly.

j / k navigate · click thread line to collapse

0 comments

emj8y ago

j / k navigate · click thread line to collapse