Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenPGP Implemented In JavaScript

Posted by Unknown on from the what-won't-someone-do-next dept.

angry tapir writes with this excerpt from Tech World: "Researchers from German security firm Recurity Labs have released a JavaScript implementation of the OpenPGP specification that allows users to encrypt and decrypt webmail messages. Called GPG4Browsers, the tool functions as an extension for Google Chrome and now is capable of working with GMail." A quick gander at the source leaves me with the impression that it should be more or less portable to other browsers. It's also built using a lot of off-the-shelf Javascript libraries. (Who knew Javascript had a bignum library and a number of cipher implementations?)

2 of 167 comments (clear)

  1. Re:Who knew? by Anonymous Coward · · Score: 5, Interesting

    The short book, JavaScript: The Good Parts, by Douglas Crockford ....

  2. Re:Who knew? by slim · · Score: 5, Interesting

    It can't be done. The problem is that the language itself is so horribly broken that anything built upon it, be it libraries, applications, tutorials or books, will inherently be horrible, too. JavaScript just can't be salvaged. It needs to be discarded.

    I used to think this, but I don't any more. The aforementioned Crockford book is the bible on this.

    There is a "pleasant" Javascript community, and what they have done is to separate Javascript into three parts:
      - the good parts -- use them
      - the bad parts -- avoid using them altogether
      - the missing parts -- build acceptable workarounds to these using what's available

    For example, Javascript has a horrible tendency for scripts to pollute the global variable namespace. The community came up with the CommonJS module convention, which solves the problem rather neatly.