Dear web developer, web technologist, web curious,
If you have a plan. And if you your plan is about integrating more security in your web development. And if you have been expecting an interoperable library in browsers for managing secret keys, ciphering your users sensitive data, signing a set of data.
This is your time ! This is the time for you to speak loud.
The W3C standardization work is in the last miles – despite our Cartesian principles, we all know those are usually the longest.
What do we have up to now ? We have :
- 1 specification 80 % stable
- 4 good but non-interoperable-yet-implementations (Chrome, WebKit, Firefox, IE 11)
- 1 set of basic tests
- 1 editor stepping down
- Some early adopters (PKI.js, JSON Web Tokens (JWT) )
But we are still missing :
- some bug review and resolutions on the implementer’s side,
- Some decision making to clarify bug features in the specification,
- Some complete set of tests.
So, if you want to have a chance to play with RSA or AES in your web app one day, and if you already have some pending development or experiment, just let us know.
Help to demonstrate some traction from the web developers community. This will definitely motivate browser makers to maintain their efforts on the development and maintenance of the W3C Web Crypto API.
Please, send reference to your projects, crypto wish list, or offer to support the WG operations to the W3C Web Crypto WG public mailing list:public-webcrypto@w3.org.
The open web platform will definitely need you !
poulpita 