I’ve been playing with local storage as a local offline cache with sync to a data store. One of the things I needed to do was allow the deletion of a key in local storage and rebuild it alot as my schema was changing during prototyping. Initially as there were many keys etc and I was in development it was easy to just delete all the keys and rebuild from scratch. It strikes me as a risk that localStorage in the w3c spec doesn’t allow you to create a named store. If you have a case where you have multiple apps deployed on the same server, someone in another app could do something dumb to kill your data pretty easily.
I think this problem is abrogated when using the sql local storage and a named database, but as I wanted ffox and webkit, until ffox supports it this isn’t an option.
So the warning/lesson at the moment is managing schema’s etc using local storage means you need to be careful not to kill someone else’s data. Also security wise it seems to me that storing anything sensitive in localstorage is a bit of a risk.