LISTSERV mailing list manager LISTSERV 15.5

Help for HTML-WG Archives

HTML-WG Archives

HTML-WG Archives


Next Message | Previous Message
Next in Topic | Previous in Topic
Next by Same Author | Previous by Same Author
Chronologically | Most Recent First
Proportional Font | Monospaced Font


Join or Leave HTML-WG
Reply | Post New Message
Search Archives

Subject: Re: signature/encryption tags -> follow-up
From: Christian Mogensen <[log in to unmask]>
Reply-To:[log in to unmask]
Date:Mon, 10 Apr 95 21:56:16 EDT

text/plain (39 lines)

Have you checked out the www-security archives?

To be frank, I doubt you will get much crypto support into HTML 2 or 3,
since the current focus is to finish 2.0 and start working on the big issues
in 3.0 , such as Maths and table support, not to mention character set

The security group is dealing with the issues you are discussing.

Ah - *idea* - you could store fragment signatures and other cryptographic
data external to the HTML document by using named ranges as proposed in
the HTML 3.0 - i.e. having a signature for a section named using the MARK
and RANGE tags.  (I'm inventing the Signature HTTP header here).

   Content-type: text/html; version=3.0
   Content-encoding: binary
   Signature: id0; dn="[log in to unmask]"; pgp="arfle-barfle-gloop"
   Signature: id1, dn="my RSA sanctioned name"; pem="base64-encoded-signature"

   <MARK RANGE=id0 START=id_a END=id_b>
   <MARK ID=id_a>
    signed section
   <MARK ID=id_b>

The user agent computes the signature using its own keyring (or fetches the
appropriate key using some defined mechanism (did you see a handwave? I saw
no handwave!) ) and checks it against the s-http encapsulated header.


Back to: Top of Message | Previous Page | Main HTML-WG Page



CataList Email List Search Powered by the LISTSERV Email List Manager