[Cryptography] Encrypting web pages ?
Tom Mitchell
mitch at niftyegg.com
Sun Jun 6 12:16:49 EDT 2021
On Sun, Jun 6, 2021 at 12:05 AM Henry Baker <hbaker1 at pipeline.com> wrote:
> Since most web pages are hosted at server farms, it would
> make sense to have them encrypted *at rest*.
..
>
> Are there any standards for how any of this could
> work?
>
>
This is a key management problem more than anything else.
A single key would quickly be disclosed.
Managing a million keys in a stateless world seems fragile.
Databases that manage access control would be a start.
Standards for medical records and credit card info are a start.
Document services?
The ugly cross site scripting and CSS tangles seem too easy to abuse and
are questioned or blocked as a general case.
A smaller index host might sort out access credentials and issue a URI with
necessary keys to the encrypted data farm.
Key management!
--
T o m M i t c h e l l ( o n N i f t y E g g )
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20210606/1b50958c/attachment.htm>
More information about the cryptography
mailing list