
Security considerations for my personal password manager

Developer https://www.devze.com 2023-01-25 18:01 Source: web

My security knowledge is kind of limited, but I might learn something.

I'm planning to create an ajax application where I encrypt/decrypt passwords client-side with a typed master password using a JavaScript AES library and then send/retrieve the encrypted data to/from Google App Engine (user authenticated).

I actually found a project with the same idea: http://code.google.com/p/safety-vault/

In my mind, as long as I keep my local computer secure (keyloggers), this should be quite secure, or am I missing something?


As long as you use SSL for the webapp, this should be fine. Without SSL, an attacker could modify the page to insert some Javascript that sends them your password when you type it.

You might want to reconsider your threat model, though. Do you trust the server? If not, you shouldn't trust it to not send you a page that captures your master password when you enter it. If you do, you shouldn't have any qualms about sending your master password to the server.


There is a problem here, as I assume at some point you're going to have to send your master password to the browser client? If you have the master password, then you can decrypt the stream you send...

Use HTTPS, it's what it was designed for.


You effectively are trusting Google App Engine employees, and transitively, the entire trust chain behind them, not to steal your passwords. Encrypting client-side doesn't mean anything if you are executing JavaScript code the server sends you; furthermore, if you don't have HTTPS implemented properly, it's trivial for someone to do a man-in-the-middle attack and steal your passwords as they are transmitted. Just store the passwords locally or encrypt them with a well-known tool like GPG and upload them.

