On Thu, Jul 20, 2006 at 12:26:14PM +0100, Tim Green wrote:

On 7/20/06, chris@isbd.co.uk chris@isbd.co.uk wrote:

...

I want the 'source text' of the HTML page itself to be encrypted, i.e. if someone on the server system looks at the HTML itself then it will be valid HTML but with some encrypted gobbledegook in the <BODY>.

Using https: will (hopefully) stop 'man in the middle' attacks (which always seem to me pretty unlikely) but does no good at all at protecting against someone who gets access to the server system.

If I get really paranoid I will use https as well so the text isn't 'in clear' while it's in transit to me but that's an extra.

If UNIX style access protection is not sufficient to prevent snooping, then it is very likely the snooper also has the ability to snoop the network connection or even the active memory of the process decrypting your files.

Yes, but there's a very small time window when those methods of access are available, unenecrypted files sitting on disk are there 24 hours a day, seven days a week.

         Also to consider: where would you like the decrypting key

stored?

In my head!

We appear to be heading towards the solution of storing encrypted files on the server, and they are not decrpyted until they reach the viewer. Is there a GPG plugin for Mozilla?

That would be the perfect (well, very good anyway) solution.

Tim.

PS. Did you want to include ALUG again in the CC?

Yes, I must have hit r[eply] by mistake instead of L[istreply].

I've actually come up with an acceptable solution using mozex (a Firefox extension that I already use for other facilities). It allows a link with an arbitrary protocol (e.g. pwd://somewhere) to run any local executable. I have used this to pop up a small terminal window which does an ssh to the remote system and run vi on an encrypted file. Enter the correct password and there's the data I want.

It runs across ssh so the data is encrypted on the way. The remote file is encrypted (as I wanted) though the encryption is probably not *very* strong. It's also rather impenetrable to anyone looking at the web page where the pwd://somewhere link is as it just looks like an invalid URL. Unless they have mozex *and* the script that the particular pseudo-URL links to they won't even know what it does.

The disadvantage is that it's not particularly quick and is 'outside' the web pages but it's good enough for the present.