i don't mean to be extremely brash, but couldn't one use PGP to provide encrypted communication with the web. granted initially everyone with a browser would need there own key to communicate in an encrypted way - at least until such keys could be generated on the fly. since the http "client" format resembles rfc821 message headers and a body, one could easily use a "hal" remailer type "Encrypted: PGP" header line plus hash marks "::" to reassemble a compatible http client command. The same could be done on the server side. -george --- libgpmx@gsusgi2.gsu.edu (finger for PGP public key or use MIT keyserver) George P. Magiros Georgia State University Pullen Library PGP fingerprint of 59069039: D6 76 D4 FC 9B 25 6E DD DD 81 58 06 7B CD 03 AE