You say curmudgeon, I say mature, responsible professional engineer :)
In reply to Tony. I don't ask it as a pass/fail question, it's more of "here...
I would fail this question. If it was asked on Hacker News or Twitter I would have raised objections. As an already hired employee I would put the requester through a two hour meeting and make hi...
In reply to Nevermind. That's not browser crypto, but you can also talk to native exte...
https://rdist.root.org/2014/06/23/in-defense-of-javascript-crypto/comment-page-1/#comment-8725
I'm confused by your dislike of the PCI avoidance scenario. Even forgetting about PCI, doesn't RSA encrypting in the browser (which seems pretty safe, since there's nothing secret to be exposed, ...
https://rdist.root.org/2014/06/23/in-defense-of-javascript-crypto/comment-page-1/#comment-8664
Can you describe your variant cipher mode?