So why isn't that provided for? I mean, why after all this standardization is there not a standard for this?
-
-
Replying to @matthew_d_green @durumcrustulum and
It’s an extraordinarily hard technical problem. It’s not a “standards” problem, it’s an ACM paper problem.
1 reply 1 retweet 2 likes -
Replying to @tqbf @durumcrustulum and
Oh come on. It's adding signatures to content using the existing certificate system.
1 reply 0 retweets 0 likes -
Replying to @matthew_d_green @durumcrustulum and
No, it’s not. The entire runtime environment for a Javascript program is much more complicated than a signed HTML blob.
3 replies 0 retweets 6 likes -
Replying to @tqbf @durumcrustulum and
Then lock down the environment the same way plugins have done, but have the signed plugin served from a server.
3 replies 0 retweets 2 likes -
Replying to @matthew_d_green @tqbf and
I mean there exists SOME variant of this problem that might be hard but there is also a workable and simple version of it.
1 reply 0 retweets 2 likes -
Replying to @matthew_d_green @durumcrustulum and
If that’s true, define it here and see if there isn’t a trivial bypass.
1 reply 0 retweets 1 like -
Replying to @tqbf @durumcrustulum and
I already did. Chrome plugins that load from a server.
1 reply 0 retweets 0 likes -
Replying to @matthew_d_green @durumcrustulum and
You’re describing Chrome Extensions. I agree: Extensions are workable. I’m saying WEB PAGES are hard to secure.
3 replies 0 retweets 1 like -
plz do not kill what remains of the open web in a cryptofight
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.