[WEB SECURITY] Ajax and secure web communications
Chris Hammond-Thrasher
chris.hammond-thrasher at hushmail.com
Tue May 17 18:37:52 EDT 2005
Hi,
I recently blogged about Ajax and secure web communications. While
SSL/TLS is great, sometimes another cryptographic solution is
needed to solve the problem at hand - I use Hushmail as an example
of this. I would appreciate comments on the idea that I put
forward. Here is an excerpt:
"While the Ajax model was not conceived by the geniuses at Google,
Adaptive Path, or wherever, as an information security tool, I
believe it may hold the key to reconceiving secure web
communications... With encryption and signature services, and key
management and/or client side authentication services embedded in
the Ajax Engine layer, combined with identity management and access
control on the server side, one can envision a powerful new class
of secure web communications. And authentication could be handled
through a PKI-based mechanism, kerberos, or something else."
http://thrashor.blogspot.com/2005/05/ajax-and-secure-web-
communications.html
-CHT
blog - http://thrashor.blogspot.com
---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/
More information about the websecurity
mailing list