You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While the web platform is currently suitable for many applications, there is one for which it, as it stands now, is fundamentally unsuitable for: end-to-end encrypted messaging and collaboration tools. The reason is security: the threat model of an end-to-end encrypted messaging app is that all server-side code is untrusted and potentially hostile. While the servers are often operated by the same entity that can push updates to the clients, the difference is that those updates must be cryptographically signed.
Is the need for this best met by a WebExtension with an extension page and no permissions? Or is this something that should be handled differently?
The text was updated successfully, but these errors were encountered:
While the web platform is currently suitable for many applications, there is one for which it, as it stands now, is fundamentally unsuitable for: end-to-end encrypted messaging and collaboration tools. The reason is security: the threat model of an end-to-end encrypted messaging app is that all server-side code is untrusted and potentially hostile. While the servers are often operated by the same entity that can push updates to the clients, the difference is that those updates must be cryptographically signed.
Is the need for this best met by a WebExtension with an extension page and no permissions? Or is this something that should be handled differently?
The text was updated successfully, but these errors were encountered: