Currently, this is code for experimenting with different architectures for a client-side encryption collaboration platform.
- WSS Origin issue: can't run client as file:// (Chrome)
- Server certificate validation
- can't progamatically supply own CA in browser client.
- Chrome allows unsigned cert for WebSockets without warning; Firefox fails unless user browses normally to domain.
- Not using OpenSSL, which is subject to best scrutiny
- Portability. Need to run a non-trivial web server on each target platform ( which includes mobile).