The second round of the new crypto meetup in munich was held yesterday at the office of FTAPI GmbH. The event was the first of hopefully many more to come and a great opportunity to discuss crypto in browsers and other security topics. FTAPI was not only host, but also initiator and organizer of this meetup and it was great to see a software company not only actively participating in the security community but also openly discussing all the questions directed at their products security.
To keep it simple, these are the key points that I took with me from this talk:
JS crypto has come a long way and is about to completely replace Java/Flash based implementations. As a pure framework, ForgeJS is the recommended way to go although the documentation is lacking. Native web APIs such as SubtleCrypto are the next step, but they still have some issues to sort out.
The first point is just one more step towards a flash-less web, but more importantly it enables developers to ignore Flash or Java as a dependency and gets rid of annoying warning or update messages that pop up every once in a while. Besides the talk it was just a great and relaxed evening with interesting discussions and people and we really enjoyed talking to all these like minded people about so many different things.
Whether you’re a crypto expert or just curious, if you live in munich or find yourself in that general area and have an interest in security, I highly recommend you join us on the next meetup in September.