WebApp Sec mailing list archives

Re: Must we authenticate login forms (using SSL?)?

From: Peter Conrad <conrad () tivano de>
Date: Fri, 30 Sep 2005 08:58:17 +0200

Hi,

On Thu, Sep 29, 2005 at 10:02:00PM -0700, Nathaniel S. H. Brown wrote:

I have created a very unique, yet simple method of a form encryption that
provides the same mechanism that the public/private key entails.

Check out my just published release at
http://www.nshb.net/secure-form-post-with-javascript-without-ssl


erm... this sounds like a plain old challenge-response mechanism. Or
maybe I don't understand what you mean with "private key" and "public
key" in your description.

Bye,
        Peter
-- 
Peter Conrad                        Tel: +49 6102 / 80 99 072
[ t]ivano Software GmbH             Fax: +49 6102 / 80 99 071
Bahnhofstr. 18                      http://www.tivano.de/
63263 Neu-Isenburg

Germany

Current thread:

Must we authenticate login forms (using SSL?)? Amir Herzberg (Sep 28)
- <Possible follow-ups>
- Re: Must we authenticate login forms (using SSL?)? info (Sep 29)
  - Re: Must we authenticate login forms (using SSL?)? Antoine Martin (Sep 29)
    - RE: Must we authenticate login forms (using SSL?)? Nathaniel S. H. Brown (Sep 29)
    - Re: Must we authenticate login forms (using SSL?)? Peter Conrad (Sep 30)
    - RE: Must we authenticate login forms (using SSL?)? Nathaniel S. H. Brown (Sep 30)
    - Re: Must we authenticate login forms (using SSL?)? Rogan Dawes (Sep 30)
    - Re: Must we authenticate login forms (using SSL?)? Antoine Martin (Sep 30)
    - Re: Must we authenticate login forms (using SSL?)? Eoin Keary (Sep 30)
    - Re: Must we authenticate login forms (using SSL?)? Antoine Martin (Sep 30)
- Re: Must we authenticate login forms (using SSL?)? mike03051 (Sep 29)