Tuesday, April 22, 2008

Cryptography API for Google Gears

Gears will provide native cryptography to web applications, at least this is what Google Summer of Code student Mike Ter Louw is planning to implement in the coming months. While it is possible to implement browser side cryptography in Javascript (e.g.: dojox.encoding), only few Ajax applications use this functionality, because it is slow and for communication purposes it only adds a very thin layer of security (requiring lots of tricks) , compared to HTTPS.
But HTTPS is a bit of a problem in todays clouding computing platforms, because it requires static IPs tied to a domain name for a valid certificate. So gears maybe will become a preferred option to increase poor man's web application security.

No comments: