After getting the basics out of the way in the last article this blog dives deep and assesses the security mechanisms of the Web Cryptography API.

The first article of the blog series „The Web Cryptography API: Do not trust anybody!” explains the Web Cryptography specification. If you haven’t already, read

The goal of this series of blog articles is to evaluate the Web Cryptography specification before analysing the Web Cryptography API. Finally a sample application using the new API is implemented, which extends existing cloud storage services with the option to encrypt all files on the client side by WCA prior upload.

IT systems are of central importance in (almost) every area. Particularly in the context of critical infrastructures or sensitive personal data, IT security is of par