October 7, 2013
Pushing on the Open-Source Crypton Effort
After 5 years working on Firefox at Mozilla, last week I began a new adventure at SpiderOak. And whereas I will be working on a wide range of projects, my main focus will be directing the Crypton, open-source project.
Earlier this year I read about Crypton, SpiderOak’s open-source web framework that makes scalable, privacy-centered web applications much easier to produce. As a founder and sometime-editor of the W3C’s Web Cryptography Working Group, I knew there would eventually emerge a “jQuery for web crypto.” Crypton seemed to be that and then some – a complete solution, including the server and storage mechanism. I was hooked. I have been tinkering in this space for a few years, producing a couple Firefox extensions including DOMCrypt and Nulltxt. These extensions model what I thought made sense for crypto APIs hanging off of each web page, as well as web applications to go along with these APIs. I implemented window.crypto.getRandomValues in Firefox and worked on the team that maintains and improves Firefox security.
With the idea that the Web Crypto API is now forthcoming and the recent media attention on ever-present Internet surveillance, I want to do something more tangible about it now. SpiderOak has been building privacy-oriented products that uphold its ‘Zero-Knowledge’ concept for almost a decade, which makes this move for me a natural fit. I am excited to play a role in making Crypton the standard for web crypto as well as providing an easy way for developers to easily build meaningful, useful ‘Zero-Knowledge’ applications.
As of September 26, 2013, SpiderOak is hosting a weekly development teleconference to discuss the latest developments, features, milestones, bugs and anything else Crypton users or developers would like to discuss. The details are on our Github wiki.
If you have any questions or ideas about Crypton, feel free to contact me via our many channels of communication or email me directly at ddahl[at]spideroak.com.