[WEB SECURITY] Ajax and secure web communications

Chris Hammond-Thrasher chris.hammond-thrasher at hushmail.com
Tue May 17 18:37:52 EDT 2005


Hi,

I recently blogged about Ajax and secure web communications. While 
SSL/TLS is great, sometimes another cryptographic solution is 
needed to solve the problem at hand - I use Hushmail as an example 
of this. I would appreciate comments on the idea that I put 
forward. Here is an excerpt:

"While the Ajax model was not conceived by the geniuses at Google, 
Adaptive Path, or wherever, as an information security tool, I 
believe it may hold the key to reconceiving secure web 
communications... With encryption and signature services, and key 
management and/or client side authentication services embedded in 
the Ajax Engine layer, combined with identity management and access 
control on the server side, one can envision a powerful new class 
of secure web communications. And authentication could be handled 
through a PKI-based mechanism, kerberos, or something else."

http://thrashor.blogspot.com/2005/05/ajax-and-secure-web-
communications.html

-CHT

blog - http://thrashor.blogspot.com


---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/



More information about the websecurity mailing list