[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: secure WWW on UNsecure servers




Joseph Sokol-Margolis writes:
> > How might one arrange for these encrypted web pages residing on an
> > (unsecure) server to get decrypted only at the client's machine?
> > This should work as transparently as possible for the user;
> > except possibly for a userid/password query it should look like a
> > normal web browsing session.  For now, we can assume that the
> > decrypted web pages contain only HTML and images in .gif format.
> 
> It seems like it could be done by writing a plug-in that passed the
> encrypted page to pgp (or had it internally) and used that to decrypt it.
> The plug-in could store  the pass-phrase locally and clear when the user
> disconnected.

The "Right Way" to do what was asked is to use S/HTTP. However,
Netscape, in their wisdom, has not implemented it.

Perry