Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: Must we authenticate login forms (using SSL?)?

Re: Must we authenticate login forms (using SSL?)?

From: Peter Conrad <conrad_at_tivano.de>
Date: Fri, 30 Sep 2005 08:58:17 +0200

Hi,

On Thu, Sep 29, 2005 at 10:02:00PM -0700, Nathaniel S. H. Brown wrote:
> I have created a very unique, yet simple method of a form encryption that
> provides the same mechanism that the public/private key entails.
>
> Check out my just published release at
> http://www.nshb.net/secure-form-post-with-javascript-without-ssl

erm... this sounds like a plain old challenge-response mechanism. Or
maybe I don't understand what you mean with "private key" and "public
key" in your description.

Bye,
        Peter 

-- 
Peter Conrad                        Tel: +49 6102 / 80 99 072
[ t]ivano Software GmbH             Fax: +49 6102 / 80 99 071
Bahnhofstr. 18                      http://www.tivano.de/
63263 Neu-Isenburg
Germany
Received on Sep 30 2005
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]