On Sat, 17 Mar 2012 03:17:15 -0700 Andreas Gal wrote: > Web apps should use the same basic security model the web itself uses.
You mean the model that everyone in security is saying should be replaced as soon as practical and agreed upon. You could still use openssl but you should use more features than websites curently use in the mainstream. It's not like the mainstream browsers are doing a bullet proof job in terms of security in the current easier model of keeping code at arms length. _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
