Google and Mozilla's web cryptography API gets first working draft

Google and Mozilla's web cryptography API gets first working draft

Summary: The programming interface, being developed within the W3C, could lead to more secure web apps. Possible use cases include cloud storage and secure messaging.

TOPICS: Security

Web apps could become more secure through the use of a 'web cryptography API', a working draft of which has been published by the World Wide Web Consortium.

The draft, published late last week, was put together by engineers from Google and Mozilla and is the first for the API to be publicly released.

It describes a JavaScript application programming interface (API) that would allow web apps to perform basic cryptographic operations, and to generate and manage the keying materials needed for this.

The functionality would include hashing, encryption and decryption, signature generation and signature verification.

Use cases for the API could be found in cloud storage, multi-factor authentication, secure messaging, document signing and protected document exchange, the draft suggested.

Topic: Security

David Meyer

About David Meyer

David Meyer is a freelance technology journalist. He fell into journalism when he realised his musical career wouldn't pay the bills. David's main focus is on communications, as well as internet technologies, regulation and mobile devices.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • Why, Is Web Security A Problem?

    What are the most pressing problems with Web security right now?

    * Forged CA certs issued with the collusion of malicious CAs, or the negligence of lax ones
    * Phishing attacks, which can only be perpetrated because users don't actually bother to check certificates anyway.

    So in what way will yet another cryptography API address either of these problems?