I think I see where you're coming from, but I still disagree: I've seen way too many examples of otherwise competent programmers still stuck on, for instance, the notion of using salts with fast hash functions for password storage. Hell, MtGox had a post just the other day about their all-new triple-salted SHA256 password storage! Somewhere that day, there was a faint groan from the dismally small set of people who are knowledgeable in password storage and are interested enough in Bitcoin to have read about that.
The difference between bugs in non-crypto software and bugs in crypto software is that bugs in crypto software can have much more severe and far-reaching consequences. So, while I might trust a programmer to write decent non-crypto software, I would prefer not to trust them with writing crypto software.
edit: actually, there's more to it than that, on second thought. Crypto also requires a greater depth and breadth of expertise. The math knowledge required for general programming is trivial by comparison; about the worst it usually gets is vector-based math, or simple calculus, or big-O notation. But to understand crypto well enough to implement it correctly requires a much greater knowledge of mathematics -- something which most programmers don't have.
> You know what the weaknesses of Javascript-based crypto are, and you know how to implement crypto. In that case, why not do it?
Because I (the rhetorical "I" in this case) know what the weaknesses of JavaScript-based crypto are. :-)
The difference between bugs in non-crypto software and bugs in crypto software is that bugs in crypto software can have much more severe and far-reaching consequences. So, while I might trust a programmer to write decent non-crypto software, I would prefer not to trust them with writing crypto software.
edit: actually, there's more to it than that, on second thought. Crypto also requires a greater depth and breadth of expertise. The math knowledge required for general programming is trivial by comparison; about the worst it usually gets is vector-based math, or simple calculus, or big-O notation. But to understand crypto well enough to implement it correctly requires a much greater knowledge of mathematics -- something which most programmers don't have.
> You know what the weaknesses of Javascript-based crypto are, and you know how to implement crypto. In that case, why not do it?
Because I (the rhetorical "I" in this case) know what the weaknesses of JavaScript-based crypto are. :-)