[liberationtech] Signed HTTP
Tony Arcieri
bascule at gmail.com
Tue Mar 11 13:16:44 PDT 2014
On Tue, Mar 11, 2014 at 5:41 AM, Steve Schultze <sjschultze at gmail.com>wrote:
> We sign software packages and emails. Why not http results? Ideally this
> would call for an IETF standard implemented in the major http servers,
> using certs already installed for https (if that is technically
> possible... I haven't thought through the crypto).
>
This is something I'd like to do, but it should preferably be done with an
offline key or you don't really gain any advantages over TLS. Additionally
it would be nice to be able to sign entire web applications as singular
artifacts. These are the sorts of things I want to do with the Cryptosphere:
http://cryptosphere.org
--
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140311/51c3caea/attachment.html>
More information about the liberationtech
mailing list