Home page logo
/

webappsec logo WebApp Sec mailing list archives

Re: encryption over the web
From: Ivan Krstic <krstic () fas harvard edu>
Date: Mon, 14 Jun 2004 10:56:27 -0400

OPTUSBYS wrote:
If I were to enable encryption security for authorized people to access my
web page, how many implementation options there are available?
Is SSL the only option to think of?

The question is whether you want people to be able to access your pages with standard browsers, or whether they'll need custom software. The latest crop of browsers (including MSIE) support SSLv2, SSLv3 and TLSv1, so those are your browser-independent options; anything else will probably require you to write a plugin or some type of tunneling encryption (such as stunnel). With the latter, how you do your encryption would be completely up to you. For what it's worth, I'd *strongly* advise against it, however.

Cheers,
Ivan.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]