Re: Securing information transports

• To: www-security@ns2.rutgers.edu
• Subject: Re: Securing information transports
• From: martinh@paston.co.uk (Martin Hargreaves)
• Date: Fri, 13 Oct 1995 20:34:42 +0100

>Hello all,
>
>  forgive me if I've missed a previous discussion on this.
>
>The question I'd like to ask is: Has anyone seriously looked into using
>PGP for encoding of HTTP transactions??? What are the pro and cons????

NCSA httpd and Mosaic supported it (I did it with httpd 1.2 and Mosaic
2.something about two years ago in a former employment). The hooks may still
be in there. It seemed OK, but it wasn't exactly seamless.

Please don't ask me to repeat how I did it, it involved numerous hack
sessions, tracing Mosaic and httpd, and telnet to port 80 quite a bit. NCSA
provided contrib scripts that were meant to to do it. I presume they had it
running at some point. 

If the key administration (and admin generally) can be cleaned up it might
be quite a good solution. I know it required modified client and server -
this might be a problem if Netscape refuse to support it. I like Mosaic
better anyway.. :-)

        Regards,

                Martin.

##########################################################################
# Martin Hargreaves                   Contract Unix System Administrator #
# martinh@paston.co.uk                      Unix & Network Security, WWW #
# http://www.chem.surrey.ac.uk/~ch11mh           Computational Chemistry # 
##########################################################################

• Previous: Re[2]: New York Times article
• Next: PGP and WWW (was "Securing information transports")
• Index(es):
  • Index
  • Thread