--- Michael Holstein <[EMAIL PROTECTED]> wrote: > > > Despite my bias, an embedded java app > > would not work since it would be > > controlled (provided) by the hostile > > server right? > > You could sign the applet with a key > provided to your clients, since you're > using a distribution model where you > have known end-users (as you need their > keys to encrypt the data).
But I have untrusted senders who should never be able to get access to my private keys (public keys, sure), so how does the signing help? If the java app is created by anyone but the recipient it cannot be trusted. > My thought on Java was to be able to > automate the key scheme within the > browser, versus requiring them download > a .gz.gpg file and decrypt it on their > own. A (sort-of) working example of > this is how HushMail does it (using > Java to code the PGP stuff). Forgive me for not understanding, but what prevents HushMail from decoding the messages? > It's an interesting threat model though :) Yes, but it really is a fairly simple one. I am surprised that HTML does not seem to have some extension to deal with this already. It is not much different from encrypted email concepts, just that the browser needs the ability to do the decrypting instead of your mail program. The simplest fallback may be to simply open the web page with the user's mailer (if their mailer supports that,) -Martin ____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ