secure WWW on UNsecure servers
Perry E. Metzger
perry at piermont.com
Sat Jun 29 22:12:30 PDT 1996
Joseph Sokol-Margolis writes:
> > How might one arrange for these encrypted web pages residing on an
> > (unsecure) server to get decrypted only at the client's machine?
> > This should work as transparently as possible for the user;
> > except possibly for a userid/password query it should look like a
> > normal web browsing session. For now, we can assume that the
> > decrypted web pages contain only HTML and images in .gif format.
>
> It seems like it could be done by writing a plug-in that passed the
> encrypted page to pgp (or had it internally) and used that to decrypt it.
> The plug-in could store the pass-phrase locally and clear when the user
> disconnected.
The "Right Way" to do what was asked is to use S/HTTP. However,
Netscape, in their wisdom, has not implemented it.
Perry
More information about the cypherpunks-legacy
mailing list