I know several people who want to share private information on some web pages but do not trust any publicly-accessible web server not to leak the information on those pages. The normal IP address or password-based web page protection mechanisms thus are not sufficient since they assume that the server is secure from non-web-based mechanisms for retrieving the pages. Also, encryption schemes such as SSL will not solve the problem because they protect only against interception between the server and the client, not at the server itself. Instead, it looks like the web pages must reside on the server in encrypted form. How might one arrange for these encrypted web pages residing on an (unsecure) server to get decrypted only at the client's machine? This should work as transparently as possible for the user; except possibly for a userid/password query it should look like a normal web browsing session. For now, we can assume that the decrypted web pages contain only HTML and images in .gif format. Might this best be done with some combination of special MIME types and helper applications or plug-ins? Has someone already done it? Thanks. Kevin Q. Brown kqb@c2.org