Warning:
This wiki has been archived and is now read-only.
SurveyAnalysis
Contents
Survey Analysis
2012-06-07 (ddahl)
Summary
tl;dr;
The responses to the survey were informative. Potential users of this API are most interested in public key encryption, symmetric encryption and digital signatures. The users of the API are everyday web users doing everything from secure messaging to online banking and e-commerce. The top response for data to be processed was 'messages', either email-like, update or chat messaging. Digital signatures followed. The data is being processed to protect the contents of the messages from even the service provider, server compromises and transit of intermediate networks. A standard cross-browser API is highly desirable along with access to the system's key store along with persistent key storage. A low-level API seems to be more in demand for such reasons as being able to build a larger variety of applications and interoperability with existing protocols. The main respondees were application developers and open source developers.
More details, wordles
- Q1: What Methods of the Crypto API are you most interested in?
- Top Answers:
- Public key encryption
- Symmetric encryption
- Digital Signature
- wordle: [1]
- Top Answers:
- Q2: In your planned usage, who are the users of this API?
- Top Answers:
- Everyday web users
- Web Developers
- In retrospect, this question could have been worded better. It should have been "What people, customers, entities will use this API via browser apps?" Example answers: Banking customers, professional work colleagues, families, etc.
- wordle: [2]
- Top Answers:
- Q3: What data is being processed/encrypted/signed, etc?
- Top Answers:
- Encrypted messages between users
- Signing transactions
- wordle: [3]
- Top Answers:
- Q4: Why is this data being processed/encrypted/signed, etc?
- Top Answers:
- Security
- Confidentiality
- Untrusted Server/Networks in between users
- Authentication
- wordle: [4]
- Top Answers:
- Q5: Why are you interested in a Web Crypto API?
- Top Answers:
- Standard cross-browser API
- Access to system key store
- Speed of native crypto in JS
- wordle: [5]
- Top Answers:
- Q6: Are you interested in a high-level, idiot-proof API or a low-level API?
- Top Answers:
- Low Level (23)
- High Level (16)
- wordle: [6]
- Top Answers:
- Q7: What industry or organization are you involved with?
- Top Answers:
- Application Developer
- Open Source Developer
- wordle: [7]
- Top Answers: