Re: Netscape the Big Win
Integration of crypto into Netscape is thus the Big Win.
This is why Amanda and I have been working on crypto tools for Java, a "safe" programming language that will be embedded in Netscape in the (hopefully) not-too-distant future. In addition to eventual incorporation in Netscape, it is currently available on Suns running Solaris 2.4 and PCs running Windows NT. See: http://www.cs.utexas.edu/users/achou/JCrypt/packages.html This is also why October is "Java month" for the cypherpunks Bay Area meeting. Marianne Mueller (mrm@eng.sun.com) is organizing speakers and coordinating the schedule for that month's meeting. Java will be available for Windows 95 about the time Win 95 is released, and a Mac version is due out "Real Soon Now." The Mac version has been demoed to industry insiders already. One of the obvious advantages is that it should be possible to write a nice, GUI interface once, and be done with all of the tiresome porting that seems to occupy too much of our time.
-----BEGIN PGP SIGNED MESSAGE----- I also agree that Netscape and similar browsers are a good target for crypto applications. I am working on a program (tentatively called webcloak) which runs on your PC next to your browser. You set the proxy in the browser to point at this program. This is a dialog box in Netscape and I think most browsers have this support. Then all of your communications go through this program. Unfortunately progress has been slow as I have been having to learn Winsock programming and re-learn Windows programming. But I do have a dummy program working which will pass commands through. It does not encrypt anything yet but simply redirects commands to a web proxy running on the net. Soon I will work on adding encryption, but the next step is to add dialog boxes to choose the web proxy to use. Right now it is hard coded in. Someone posted recently that the formerly open web proxy at http://www.proxy.aol.com:80/ is no longer responding. Also, a list member was running one for a while at http://spirit.aud.alcatel.com:8082/ but that is no longer working either. I have been looking for proxies by searching the incoming connection logs on this commercial system. I figure that some of the more frequently appearing hosts may be proxies. I telnet to them on port 80 and type "GET http://sony.com/". This is just a URL I use because it is short. Usually nothing happens but I have found a couple of proxies that still work. At this point I don't want to publicize them because they might be shut down as a result. I think running open web proxies (and another kind of proxy I will describe in a future message) will be a good thing for Cypherpunks to do. I know not everyone can do it; it takes more privileges and clout to keep a server running than to drop in a mail filter. But for those who do have the ability to leave background processes running I think these will be the remailers of the future. I hope some list members will start doing this. As another solution, I have developed a Perl script which anyone who can run CGI scripts can use to become a web proxy. Fortunately (and somewhat mysteriously) this commercial system lets me do that. Basically if you want to connect to http://www.mcom.com/ you instead connect to http://www.portal.com/~hfinney/webcloak.cgi?http://www.mcom.com/. The name of the CGI script and "?" is prepended to the desired URL. The script then receives the part after the "?" as its argv so it opens the URL and passes it back. So if you can't run a server but can install CGI scripts then you can run this "poor man's proxy". Unfortunately the standard proxy protocol will not work transparently with this; the CGI script and "?" pasting isn't done automatically by browsers. However my PC "webcloak" program does work with this kind of proxy; it pastes the required prefix string at the front of each URL. So if people do start using this approach the CGI proxies may be part of the solution. Soon I hope to be far enough along to ask people to start testing some of this software. Once I get the webcloak program able to be reconfigured by the end user I'll ask people to try it to see if it works on anybody else's PC than mine. It should hopefully work with anything that uses Winsock. Eventually I hope to see a lot of people running web proxies and privacy proxies (which just pass requests through to other web and privacy proxies - these are very simple connection redirectors, but do encryption and decryption for privacy). The end user can connect to a web site and update his list of proxy servers. Then when he fires up his local proxy interface program it can ping the various servers and print a summary of their response times. He clicks on the ones he wants, setting up a chain. Only the last one in the chain needs to be capable of proxying http requests, the others just pass data through. The local program connects to each of the proxies and negotiates a session key using PK encryption. This will be cached and used over a moderately extensive period of time, at least a few minutes. We can't possibly do a PK decryption for each link in a proxy for every .gif file in a page. That would be too slow. So instead it will just send a cache identifier to indicate which encryption key is in use. This is all pretty ambitious as you can see, but I am trying to do it incrementally. Even a basic system without encryption and where the user has to edit a text file to choose his proxy chain will provide some privacy protection. So I hope I will be able to interest people in providing the infrastructure needed for privacy protection on the Web. Hal -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBMA3umxnMLJtOy9MBAQHpSQIAvI/YB9JmGgwIaFWxCegAUtZ94eIHvOFU wVQPdXlvaLup8Kjcx1wTPm/oib8u7Ema+6eb/MGsQWrnYtCO8emoew== =zx5U -----END PGP SIGNATURE-----
On Wed, 19 Jul 1995, Douglas Barnes wrote:
Java will be available for Windows 95 about the time Win 95 is released, and a Mac version is due out "Real Soon Now." The Mac version has been demoed to industry insiders already. One of the obvious advantages is that it should be possible to write a nice, GUI interface once, and be done with all of the tiresome porting that seems to occupy too much of our time.
I assume that there is a version available for UNIX, yes? -- Ed Carp, N7EKG Ed.Carp@linux.org, ecarp@netcom.com 801/534-8857 voicemail 801/460-1883 digital pager Finger ecarp@netcom.com for PGP 2.5 public key an88744@anon.penet.fi Q. What's the trouble with writing an MS-DOS program to emulate Clinton? A. Figuring out what to do with the other 639K of memory.
I assume that there is a version available for UNIX, yes?
It was originally released for Solaris 2.X machines, and it is currently being ported to a lot of other platforms. The major problem is that it requires a lot of threads support, which makes it difficult to port. -derek
available on Suns running Solaris 2.4 and PCs running Windows NT. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Are there any plans to port JAVA to a REAL operating system? Support for crypto needs to be ubiquitous to work. Start with the fanatics (Linux and FreeBSD) and the other platforms will quickly follow (often
on Wed, 19 Jul 1995 20:24:31 -0800 Douglas Barnes wrote: ported by the afore mentioned fanatics so that the departmental server can run the same code as their desktop box :-). Dave Otto - Vinimus, Vedimus, Dolivamus http://ACM.org/~daveotto/ http://ACM.org/~daveotto/linux.html/ dave@dvorak.jta.edd.ca.gov daveotto@acm.org "Pay no attention to the man behind the curtain!" [the Great Oz] finger DaveOtto@ACM.org/or server for PGP 2.6 key <0x3300e841>
available on Suns running Solaris 2.4 and PCs running Windows NT. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Are there any plans to port JAVA to a REAL operating system? Support for crypto needs to be ubiquitous to work. Start with the fanatics (Linux and FreeBSD) and the other platforms will quickly follow (often
on Wed, 19 Jul 1995 20:24:31 -0800 Douglas Barnes wrote: ported by the afore mentioned fanatics so that the departmental server can run the same code as their desktop box :-).
Dave Otto - Vinimus, Vedimus, Dolivamus http://ACM.org/~daveotto/ http://ACM.org/~daveotto/linux.html/ dave@dvorak.jta.edd.ca.gov daveotto@acm.org "Pay no attention to the man behind the curtain!" [the Great Oz] finger DaveOtto@ACM.org/or server for PGP 2.6 key <0x3300e841>
There are java ports in progress for several OS's. Linux is among them and there is a special mailing list for the linx port of java. Check the sun home page for porting information, mailing lists, and new developments. By the way, the current version of Java is Alpha2 release. Expect interface and programmatic changes before a real version comes out January time frame. -- ____________________________________________________________________________ Doug Hughes Engineering Network Services System/Net Admin Auburn University doug@eng.auburn.edu "Real programmers use cat > file.as"
Does anyone here have any figures on how much memory Java takes up when running its typical tasks? Phil
available on Suns running Solaris 2.4 and PCs running Windows NT. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Are there any plans to port JAVA to a REAL operating system? Support for crypto needs to be ubiquitous to work. Start with the fanatics (Linux and FreeBSD) and the other platforms will quickly follow (often
on Wed, 19 Jul 1995 20:24:31 -0800 Douglas Barnes wrote: ported by the afore mentioned fanatics so that the departmental server can run the same code as their desktop box :-).
Go to http://java.sun.com and join the java porting list and also the linux porting list. Suffice it to say, it is being worked on by many people. The next port coming out will be for the Mac. Linux will probably be right after that. The problem with porting HotJava (and Java) is that it uses Solaris Threads, and if your operating system doesn't have a lightweight process/thread library, you have to port one, or write your own. Secondly, HotJava uses OpenWindows, and third, it relies on some Solaris specific memory mapping tricks. (I've heard, there's also some endian problems) -Ray
participants (8)
-
cman@communities.com -
Dave Otto -
Derek Atkins -
Doug Hughes -
Ed Carp [khijol Sysadmin] -
Hal -
Phil Fraering -
Ray Cromwell