SpoC 007 - Enigform: Firefox Addon for OpenPGP signing of HTTP requests - Progress Page
As of 7th November, 2007, mod_openpgp, the Server-side Enigform component for Apache, supports OpenPGP-Encrypted HTTP Request Decryption. This means an HTTP client can send an encrypted HTTP request, using the Server's public key, and it will be decrypted and correctly served by the server.
This is a HUGE feature bump, of roughly 1200 lines of C code.
It's much more of what I expected to implement for the OWASP SPOC duration, so I'll be applying for the 2nd half of my funding now.
Older Status Reports
As of 9th July, 2007, Enigform has been enhanced with remote site OpenPGP discovery, Public Key Import. Kyle Huff has joined the development team, and the Session Protocol has been proposed. Regarding Encryption, mod_openpgp supports encrypted http requests, but Enigform support for this is in research stage.Microsoft support will be last stage, once Enigform 1.0 and mod_openpgp 1.0 are released.
- Enigform Development Site
- Addons.Mozilla.Org - Stable Releases Installation Page
- Enigform Freshmeat Page
- Official Enigform Forum