Recent Changes - Search:

GNU/Buanzo Community

edit SideBar


On April 28th, 2009 I got an eMail from an individual who was interested in the project, but couldn't find a good explanation on Why I was doing it, How I wanted to do it, etc.

I decided this guy was completely RIGHT about that. Even though there are a number of articles and interviews that are easily googleable, a good old wiki article is definitely NOT a bad idea. So here it goes.

NOTE: This is a work-in-progress article, ok? I'll remove most fun out of it once I finish it :)

First of all, let me clarify that Enigform is NOT an SSL replacement. It does not even CARE about socket-level encryption. I don't even really care about encryption at all. Enigform is an HTTP-level, Request/Response oriented set of OpenPGP 'addons' to HTTP. It's NOT a 'https' replacement. I couldn't even begin to believe I would be able of REMOTELY doing something as good as SSL.

My main purpose is user authentication and session management, built on top of OpenPGP-based digital signatures for HTTP requests, and payload encryption/signing for the session initiation challenge-response protocol. I will go into details of the protocol on some other wiki article sometime this century.

I'm also working on a direct HTTP Authentication emulation subsystem for mod_openpgp, which will make it even easier for people to migrate to Enigform if using HTTP Authentication. Basicly, by specifying an "OpenPGPAuthorizedUsers /path/to/text/file" for a certain resource (just like Apache's HTTP Authentication parameters, but without where to get valid users from) you can have Enigform-secure-session based "http auth" emulation.

Edit - History - Print - Recent Changes - Search
Page last modified on August 19, 2009, at 07:21 PM