Black Unicorn wrote:
A. Methods to run secure websites on insecure servers.
A thread on 'punks last month, I am of the view that local decryption of web pages is essential to the development of coercion free web pages. Estlablishing a truely secure web page today requires the server to be extra-terratorial, in a secure physical location, and requires such lengths to defeat traffic analysis (which lengths must be applied to the actual network logistics, rather than the software logistics) so as to be impractical to all but institutional resources. The best effort I have seen is in European Union Bank (www.eub.com) or (www.eub.net) [neither of which I recommend you use for deposits] and it still falls quite short.
A software solution which permits local decryption makes traffic analysis less useful, presents the opportunity to use front end and disposable www pages on domestic ISPs while imposing no liability on the ISP itself, and opens several more effective traffic analysis deterants.
Ideally, both web proxies (for servers as well as clients) and local decryption will be written allowing both server and user a degree of double blind operation as well as easy disposability of front ends.
A Netscape plugin for local decryption of web pages and proxy forwarding of WWW form submissions to the server is a MUST.
I fully agree with all of your comments, but, encrypted proxying issues aside, what is wrong with SSL? Is it because the encryption is for the whole server, not individual users?
Is anyone considering work on these?
I gave the encrypted proxy idea some thought, and intend to do it one day. If someone is willing to run it, then I will certainly do it. Offers? With regard to the local decryption idea, then I don't see this as much of a problem. How much interest is there in this? We already have something similar running, but it would still need a bit of work to make more general. Gary -- pub 1024/C001D00D 1996/01/22 Gary Howland <gary@systemics.com> Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06