* no encryption, just indexed by a hash -> that means the messages are not store encrypted on the server
I would recommend people stay away from your solution, and instead use something like Zerobin: http://sebsauvage.net/paste/
It encrypts everything using SJCL, and if I am worried with the server sending me a modified version of the JS code, I can still keep the code on my own computer but use it to send to the server.
* everything is done server side -> trust issues
* no encryption, just indexed by a hash -> that means the messages are not store encrypted on the server
I would recommend people stay away from your solution, and instead use something like Zerobin: http://sebsauvage.net/paste/ It encrypts everything using SJCL, and if I am worried with the server sending me a modified version of the JS code, I can still keep the code on my own computer but use it to send to the server.