Google has released keyCzar, a cryptographic toolkit that supports encryption and authentication for both symmetric and public-key algorithms.
Cryptography is a common problem area for web programmers. keyCzar aims to help alleviate some of the issues by supplying safe defaults, tagging versions, and a simple interface.
[via Zero Day]
Hi William. Keyczar is just a software library, not a service. Your keys live wherever you want them to. Google is not holding keys in escrow or anything like.
Cheers.
Now THAT is service! Second post is by one of the authors! Care to comment on the peer review process to date, Steve?
Hi Matt. It has been internally reviewed, but the public peer review process is just starting. There has already been some good feedback. I anticipate we’ll make significant changes before the 1.0 release based on open source contributors.
(PS – Why does this comment system convert everything to lower case?)
this looks promising. good to see more open software packages that could be use to develop more secure software.
@steve:
Who knows why the comment system does what it does. It doesn’t even have a password field to enter your password, so even though you have a password, you have to ‘activate’ your comments each time.
I think it’s running the clbuttic comment system.
And how is this a hack?
This looks like a cross between an advertisement and a press-release, barely warmed over.
hackaday is looking more & more like slashdot, but without the +5 funny
Andrew, Mod +5 Insightful
Hack a Day serves up fresh hacks each day, every day from around the web as well as hacking related news.
Let Google keep the keys to the castle, direct traffic to the castle, AND charge to send it there?
Im in!