I'm quite interested in js encryption but at the moment, it seems, all
the stuff available, doesn't add security to browser based encryption
stuff.
As the "Introduction" below [1] states, it is at prototype state. I
marked the text ( see ->>...<<- below) that makes me courious.
-m
=[1]== quote from Developer Documentation (PDF) ====
! Introduction
The OpenPGP JavaScript implementation can be used to make OpenPGP
available to Web-based Mail-applications. Especially in environments
where code execution or programs on the operating system level cannot
be executed this implementation can be used.
The implementation currently implements a Chrome Browser Extension
which uses the HTML5 local storage of the extension to store private
and public certificates (keys). Chrome Browser Extensions enabling
JavaScript applications to run in their own context separated from the
Web-site. This is a basic security feature this implementation uses. -
>> Since memory-wipe of private data and validation of a secure
execution environment cannot be achieved in JavaScript this
implementation should not be used in environments where the
confidentiality and integrity of the transmitted data is important.
<<-
The implementation is in a prototype state.
======
[1] http://gpg4browsers.recurity.com/GPG4Browsers-Developer_Documentation.pdf