1996-07-04 - Re: What remains to be done.
Header Data
From: Gary Howland <gary@systemics.com>
To: Black Unicorn <unicorn@schloss.li>
Message Hash: 37564df815e14ceece4ba228fc203216ccb84c0d5f7d8219cbf6d2dbaa8fab53
Message ID: <31DBB50A.5656AEC7@systemics.com>
Reply To: <Pine.SUN.3.94.960703055812.13232A-100000@polaris>
UTC Datetime: 1996-07-04 15:14:37 UTC
Raw Date: Thu, 4 Jul 1996 23:14:37 +0800
Raw message
From: Gary Howland <gary@systemics.com>
Date: Thu, 4 Jul 1996 23:14:37 +0800
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: What remains to be done.
In-Reply-To: <Pine.SUN.3.94.960703055812.13232A-100000@polaris>
Message-ID: <31DBB50A.5656AEC7@systemics.com>
MIME-Version: 1.0
Content-Type: text/plain
Black Unicorn wrote:
>
> A. Methods to run secure websites on insecure servers.
>
> A thread on 'punks last month, I am of the view that local decryption of
> web pages is essential to the development of coercion free web pages.
> Estlablishing a truely secure web page today requires the server to be
> extra-terratorial, in a secure physical location, and requires such
> lengths to defeat traffic analysis (which lengths must be applied to the
> actual network logistics, rather than the software logistics) so as to be
> impractical to all but institutional resources. The best effort I have
> seen is in European Union Bank (www.eub.com) or (www.eub.net) [neither of
> which I recommend you use for deposits] and it still falls quite short.
>
> A software solution which permits local decryption makes traffic analysis
> less useful, presents the opportunity to use front end and disposable www
> pages on domestic ISPs while imposing no liability on the ISP itself, and
> opens several more effective traffic analysis deterants.
>
> Ideally, both web proxies (for servers as well as clients) and local
> decryption will be written allowing both server and user a degree of
> double blind operation as well as easy disposability of front ends.
>
> A Netscape plugin for local decryption of web pages and proxy forwarding
> of WWW form submissions to the server is a MUST.
I fully agree with all of your comments, but, encrypted proxying issues
aside, what is wrong with SSL? Is it because the encryption is for
the whole server, not individual users?
> Is anyone considering work on these?
I gave the encrypted proxy idea some thought, and intend to do
it one day. If someone is willing to run it, then I will certainly
do it. Offers?
With regard to the local decryption idea, then I don't see this as
much of a problem. How much interest is there in this? We already
have something similar running, but it would still need a bit of work
to make more general.
Gary
--
pub 1024/C001D00D 1996/01/22 Gary Howland <gary@systemics.com>
Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06
Thread
Return to July 1996
- Return to “Black Unicorn <unicorn@schloss.li>”
Return to “Gary Howland <gary@systemics.com>”
- 1996-07-04 (Thu, 4 Jul 1996 13:25:16 +0800) - What remains to be done. - Black Unicorn <unicorn@schloss.li>
- 1996-07-04 (Thu, 4 Jul 1996 23:14:37 +0800) - Re: What remains to be done. - Gary Howland <gary@systemics.com>
- 1996-07-06 (Sat, 6 Jul 1996 19:40:33 +0800) - Re: What remains to be done. - Black Unicorn <unicorn@schloss.li>
- 1996-07-04 (Thu, 4 Jul 1996 23:14:37 +0800) - Re: What remains to be done. - Gary Howland <gary@systemics.com>