Re: Applet security (was Re: ActiveX security hole reported).

• To: Michael Burati <burati@apollo.hp.com>, "David M. Chess" <CHESS@watson.ibm.com>, www-security@ns2.rutgers.edu
• Subject: Re: Applet security (was Re: ActiveX security hole reported).
• From: Alireza Bahreman <bahreman@eit.com>
• Date: Tue, 27 Aug 1996 15:05:08 -0700

EIT has developed two approaches for Applet Security (no fine grain auth):
1) Use RSA to sign applets and verify at the browser side before allowing access
2) Wrap Applets inside MOSS messages (secure MIME)

we have also thought of another alternative which we have not developed or 
tested.  That is use of SSL to download applets (as in https://blaw.blaw...).

If you like to get more information, visit our website at eco.eit.com.  I would 
like to hear comments/suggestions from interested parties...

There are other approaches and implementations as well elsewhere...

Ali


>I haven't had time to keep up with what's being done in this area, so if some-
>one is already working on the above (fine grain authz, not just signing) I'd 
>like to hear about it...
>
>..Mike
>

• Previous: Applet security (was Re: ActiveX security hole reported).
• Next: Microsoft Merchant Server
• Index(es):
  • Index
  • Thread