Hi all: This may be somewhat off-topic here, but we just released NoSSL V1.1, which can encrypt stuff from the browser to any PHP-server (automatic form-encryption and encrypting AJAX-requests) in the browser before sending to the PHP-server. On the server, everything is decrypted automatically, so PHP-scripts work undisturbed with NoSSL.
The whole thing works pretty much out of the box. As we did not find any suitable pure-PHP PGP-library as the server-side companion, we could unfortunately not use OpenPGP.js, but the encryption is also RSA/AES with Tom Wu's library. NoSSL does obviously not protect against the MITM-attack. There'll be plugins for Typo3, Wordpress and Joomla coming up. I compare NoSSL to bike locks: Having a website with forms completely without SSL is like leaving a bike unattended without a lock. With NoSSL, there is a lock, but with enough criminal energy (MITM-attack), it can be compromised. It's under GPL on GitHub. https://github.com/smartinmedia/nossl plus explanation and everything on http://www.nossl.net <http://www.nossl.net> Martin
_______________________________________________ http://openpgpjs.org Subscribe/unsubscribe: http://list.openpgpjs.org
