This exchange could be further strengthened by binding the authentication to the TLS session over which the client is authenticating, by deriving a key based on properties of the underlying transport.
If a user does not already have a key associated with their account, the web application could direct the user agent to either generate a new key or to re-use an existing key of the user's choice.
When a user agent navigates to such a web application, the application would send the encrypted form of the document.
The user agent is then instructed to unwrap the encryption key, using the user's private key, and from there, decrypt and display the document.
A web application may wish to permit users to protect the confidentiality of data and documents stored with remote service providers prior to uploading.
This document has been reviewed by W3C Members, by software developers, and by other W3C groups and interested parties, and is endorsed by the Director as a W3C Recommendation.
Previously, when data was added to the cache, it would have been signed by the server with the corresponding private key.
By validating the signature when restoring data from the cache, the client ensures that the cached data has not been tampered with.
This specification describes a Java Script API for performing basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption.
Additionally, it describes an API for applications to generate and/or manage the keying material necessary to perform these operations.