secure WWW on UNsecure servers
Joseph Sokol-Margolis
joseph at genome.wi.mit.edu
Fri Jun 28 22:03:50 PDT 1996
> How might one arrange for these encrypted web pages residing on an
> (unsecure) server to get decrypted only at the client's machine?
> This should work as transparently as possible for the user;
> except possibly for a userid/password query it should look like a
> normal web browsing session. For now, we can assume that the
> decrypted web pages contain only HTML and images in .gif format.
It seems like it could be done by writing a plug-in that passed the
encrypted page to pgp (or had it internally) and used that to decrypt it.
The plug-in could store the pass-phrase locally and clear when the user
disconnected.
It *might* also be possible to do this with java. I don't know enough java
to say for sure, but couldn't you build an interface that took the
encrypted data passed it though whatever and then displayed it on the local
screen. The applet could produce a viewer with a 'sigoff' button telling
the applet to forget the pass-phrase. Comments?
Joseph Sokol-Margolis
joseph at genome.wi.mit.edu
Systems Administrator
More information about the cypherpunks-legacy
mailing list