Enigform is a Mozilla Firefox extension that provides the ability to digitally sign HTTP requests, even those generated via AJAX. It implements the mechanism described in the white paper "OpenPGP-based Identity and Data Authentication for HTTP", by Arturo Buanzo Busleiman.
Check out this recent interview with Arturo.....
Enigform is very interesting - check out this demo.
If it were ever widely adopted, it could be a potentially solution to a wide range of current security issues (including phishing).
Buanzo also created a matching Apache module to work with Enigform. I hear work has already start on IIS plugins as well.
Rumor has it that OWASP is getting behind the project, so I am sure that we will see more about this interesting solution in the future.
No comments:
Post a Comment