[WEB SECURITY] Ajax and secure web communications

Chris Hammond-Thrasher chris.hammond-thrasher at hushmail.com
Tue May 17 18:37:52 EDT 2005


I recently blogged about Ajax and secure web communications. While 
SSL/TLS is great, sometimes another cryptographic solution is 
needed to solve the problem at hand - I use Hushmail as an example 
of this. I would appreciate comments on the idea that I put 
forward. Here is an excerpt:

"While the Ajax model was not conceived by the geniuses at Google, 
Adaptive Path, or wherever, as an information security tool, I 
believe it may hold the key to reconceiving secure web 
communications... With encryption and signature services, and key 
management and/or client side authentication services embedded in 
the Ajax Engine layer, combined with identity management and access 
control on the server side, one can envision a powerful new class 
of secure web communications. And authentication could be handled 
through a PKI-based mechanism, kerberos, or something else."



blog - http://thrashor.blogspot.com

The Web Security Mailing List

The Web Security Mailing List Archives

More information about the websecurity mailing list