The World Wide Web Consortium (W3C), the body responsible for web standards, has published a working draft of an API designed to improve the security of web apps.
The draft has been authored by security specialists from Mozilla and Google and is a specification for a JavaScript API for performing basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption.
It will therefore enable web applications to check a user's identity in more secure ways than are currently possible between browsers and HTTP servers.
Uses for the API include user or service authentication, document or code signing, and the confidentiality and integrity of communications. You can also use the API to think up ad-hoc applications of cryptography within your own apps.
The W3C Web Cryptography Working Group is looking for feedback on:
developer convenience for managing keys and algorithms;
comments on open issues the WG is currently dealing with, highlighted in this working draft;
potential missing functionalities to deploy secure web applications.
The whole world is flat. The flat UI is about the only design you can use and expect respect. But old-fashioned 3D non-flat UIs are faster and this has now been reasonably demonstrated by research fro [ ... ]
One of the problems with neural networks is how long it takes to train them. Researchers have just smashed the training barrier by reducing the time to train ResNet from 14 days to one hour and have c [ ... ]
