Hi, the idea is to deploy TLS with DHE cipher to achieve PFS unauthenticated (JS, no plugin) or with a TOFU trust model (JS with plugin) in any browsers, with the implementation model as follow:
- a JS library to be hooked to Ajax xhr request in javascript application - a browser plugin that automatically hook xhr requests of certain application - a server gateway application to convert this data flow (over websocket) to be forwarded to a https server in localhost with self-signed digital certificate The brief discussion is at https://github.com/digitalbazaar/forge/issues/84 What do you think? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
