On Fri, 2014-08-22 at 14:32 -0500, Endi Sukma Dewata wrote: > > If for some reason we decided to generate fingerprints in the UI, in > my opinion using WebCrypto will not pose any security problem or > mislead users into a false sense of security because the operation is > purely informational, it does not do any > encryption/decryption/validation. Any fingerprint generated on the UI > side will be discarded anyway, the server will still generate its own > fingerprints.
It's not (only) the users I am concerned about, mostly the developers. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
