reboot the web

proposed/reboot_the_web.md

@@ -0,0 +1,24 @@
+#infos
+
+auth-name       : substack
+tag             : browser, crypto, web
+
+advance costs   : N
+need room       : Y
+Location        : Oakland (but I will be in Paris)
+Can host ppl    : N
+
+
+# REBOOT THE WEB
+
+Browsers have been quietly and methodically adding native crypto primitives,
+but one gaping attack vector remains: every time you load a page, you load code
+directly from the server.
+
+The person running that server can be coerced, hacked, or forced by sealed court
+order to change that javascript payload at any time. What we need to make web
+crypto viable is a bootloader for the web. Luckily, this is now possible by
+abusing the new application cache API to brick a website except for a
+whitelisted update feed. Now the user can finally be in control of which updates
+they get from web pages, making browser crypto much more secure while preserving
+all the usability benefits of the web.