[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Annoucing LivePGP - content security for web (fwd)

To: [email protected]
Subject: Annoucing LivePGP - content security for web (fwd)
From: Black Unicorn <[email protected]>
Date: Thu, 29 Aug 1996 01:26:08 -0400 (EDT)
Posted-Date: Thu, 29 Aug 1996 01:26:08 -0400
Sender: [email protected]



--
I hate lightning - finger for public key - Vote Monarchist
[email protected]

---------- Forwarded message ----------
> From [email protected] Thu Aug 29 01:00:59 1996
> Message-Id: <01BB9594.5E8FC740@minuet>
> From: Ming-Ching Tiew <[email protected]>
> Subject: Annoucing LivePGP - content security for web
> Date: Thu, 29 Aug 1996 10:25:07 +-800
> Encoding: 54 TEXT
> Sender: [email protected]
> Precedence: bulk
> 
> Inspired by Adam Cain's write-up ( and others ) on comparison on the using of PGP, 
> SSL/HTTPS, SHTTP and others on Web technologies, I have written a LivePGP 
> plugin for Navigator 3.x and is available for evaluation for anybody who cares to 
> send me a email ( as I don't have  a leased line connection to internet ).
> 
> See below for a summary.
> 
> Thank you, 
> Regards,
> Ming-Ching
> [email protected]
> 
> ------------------------------------------------------------------------------------------------------
> As a summary, this is a plugin for Navigator 3.x which I developed it
> myself, and which I called it LivePGP because it uses LiveConnect and
> PGP.
> 
> LivePGP is a plugin to be loaded on Navigator machine; it secures the
> content before transmittion to the network. Therefore, it doesn't matter
> what network or what's or ever.
> 
> With absolutely no intention to compete with SSL and SHTTP, LivePGP 
> attempts to address some issues with existing security products :-
> 
> 1. 1024-bit key length of PGP in comparison with 40-bit for SSL ( due to 
>     international export limitation ). PGP is a well-known product which   
>     has survived years to testing.
> 
> 2. Extended security vs point-to-point security provided by SSL. Content 
>     coming out of SSL client and server are plain text, which may
>     be subjected to system administrator's tempering with the data. Using 
>     LivePGP, the decryption of data can be relayed as late as (operationally) possible. 
> 
>     More important practical reason is that the signed content can be logged
>     on the client and server; it is very useful to addresss non-repudiation.
>     The client cannot argue that he didnot submit the transaction, because
>     the content which contains the client's signature can be logged and printed out.
>   
>     Similary, system administrator's tempering the data could be checked against
>     with.
> 
> 3. Even thought the plugin is developed using C/C++ and Java,
>    deployment for any scenerio need only standard HTML/Javascript. 
> 
> 4. Client is Win95/NT. Server can be anything. Win3.11 is unknown.
> 
> 5. Every part introduced by me is source code available.
> 
> 6. Can use it together with SSL to make use of the high transparency
>     of SSL.
> 
> 7. Can use it to upload ( signed and encrypted ) local files, in addition
>     to uploading ( signed and encrypted ) web content.

Prev by Date: Re: MUD anyone?
Next by Date: Re: In reference to comments made to me and to the Group
Prev by thread: Re: Clinton follies ideas?
Next by thread: Simulations
Index(es):
- Date
- Thread