headers
David MENTRE | 3 Aug 2006 18:01
Favicon

Freenigma: a way to encrypt on the client with web technlogy

Hello,

While reading lwn.net, I found this announcement of Freenigma service:
  http://www.freenigma.com/index.html

Freenigma is a way to encrypt emails in web mails. What is interesting
is that encryption is done on the client side, in the web browser
(with of course some help of a server). This is done with apparently a
pure Javascript Firefox extension, working on MacOS, Linux and
Windows.

>From http://www.freenigma.com/frequentlyaskedquestions/index.html
"""
Does freenigma send my mails to the freenigma server for encryption?

No. All mail is encrypted or decrypted directly in the webmail client
(i.e. directly in the browser). But how does that work?! For the
experts: when making an encryption request, the freenigma extension
sends nothing more than the list of recipient addresses to the
freenigma server. In response, it receives a random session key for
symmetric encryption within the client as well as an asymmetrically
encrypted session key for all the recipients. AES encryption is then
performed within the client using the unencrypted session key. Then,
the user script in the client combines the symmetrically encrypted
mail text and the asymmetrically encrypted session key to create the
OpenPGP binary format.
"""

The Freenigma in the web browser (Firefox extension) code should be
available as Free Software, under GNU GPL licence.
(Continue reading)

Permalink | Reply | 501 comments |
headers
Jérémy DUBREIL | 3 Aug 2006 19:15
Picon
Favicon

Re: Freenigma: a way to encrypt on the client with web technlogy

Hello,

It is a good idea to keep in mind.

In the same domain (using some feature of firefox), does anybody have
already had a look as XUL ?

This example shows the possibilities :
http://digg.com/tech_news/Awesome_firefox_XUL_example_

Jérémy

David MENTRE wrote:
> Hello,
>
> While reading lwn.net, I found this announcement of Freenigma service:
>  http://www.freenigma.com/index.html
>
> Freenigma is a way to encrypt emails in web mails. What is interesting
> is that encryption is done on the client side, in the web browser
> (with of course some help of a server). This is done with apparently a
> pure Javascript Firefox extension, working on MacOS, Linux and
> Windows.
>
>> From http://www.freenigma.com/frequentlyaskedquestions/index.html
> """
> Does freenigma send my mails to the freenigma server for encryption?
>
> No. All mail is encrypted or decrypted directly in the webmail client
> (i.e. directly in the browser). But how does that work?! For the
(Continue reading)

Permalink | Reply | 501 comments |
headers
David MENTRE | 3 Aug 2006 19:52
Favicon

Re: Freenigma: a way to encrypt on the client with web technlogy

Hello Jérémy,

Jérémy DUBREIL <jeremydubreil <at> free.fr> writes:

> In the same domain (using some feature of firefox), does anybody have
> already had a look as XUL ?

I had a quick look at its capabilities but never dug further. My
greatest complain against XUL is that it ties us to the Mozilla
platform. It is possible that the Freenigma-like encryption has the same
restriction. 

> This example shows the possibilities :
> http://digg.com/tech_news/Awesome_firefox_XUL_example_

But the above example shows that is easy to deploy quite complicated
interfaces. To be honest, I find the interface not so responsive. 

The main idea being using a web interface is to be independant on the
client side. I fear XUL is too strongly tied to Mozilla platform.

Best wishes,
d.
--

-- 
GPG/PGP key: A3AD7A2A David MENTRE <dmentre <at> linux-france.org>
 5996 CC46 4612 9CA4 3562  D7AC 6C67 9E96 A3AD 7A2A
Permalink | Reply | 0 comments |
headers
David MENTRE | 29 Aug 2006 13:19
Favicon

ONC RPC and HTTP simultaneously in the same server?

[ Could you please keep demexp-dev <at>  in Cc:, thanks. ]

Hello Gerd,

I'm looking at evaluating the complexity to implement *both* ONC RPC and
HTTP support in my server (currently it uses your rpc package).
Apparently, ocamlnet supports the HTTP protocol. But I'm wondering if it
is possible to handle two sockets with different handler for each
protocol with EQueue. Should I use threads? Would you have any advice?

Best wishes,
david
--

-- 
GPG/PGP key: A3AD7A2A David MENTRE <dmentre <at> linux-france.org>
 5996 CC46 4612 9CA4 3562  D7AC 6C67 9E96 A3AD 7A2A
Permalink | Reply | 1 comment |
headers
Gerd Stolpmann | 29 Aug 2006 14:33
Picon

Re: ONC RPC and HTTP simultaneously in the same server?

Am Dienstag, den 29.08.2006, 13:19 +0200 schrieb David MENTRE:
> [ Could you please keep demexp-dev <at>  in Cc:, thanks. ]
> 
> Hello Gerd,
> 
> I'm looking at evaluating the complexity to implement *both* ONC RPC and
> HTTP support in my server (currently it uses your rpc package).
> Apparently, ocamlnet supports the HTTP protocol. But I'm wondering if it
> is possible to handle two sockets with different handler for each
> protocol with EQueue. 

Yes, it is. For an example how to use nethttpd with equeue, look into
the file_engine.ml example in the ocamlnet distro.

The limitation is that there is no good support for handling large HTTP
requests, i.e. everything must be in memory, or you have to manage to
store such requests in temp files. Large HTTP replies should be no
problem.

> Should I use threads? Would you have any advice?

I have good experience using several handlers with the same equeue,
although I did not try yet the combination rpc+httpd.

You should also look into the upcoming ocamlnet2. It includes a flexible
server framework called netplex. Although its focus is multi-processing
you can also do multiplexing and multi-threading with it. The latest
version is here:

http://www.ocaml-programming.de/packages/ocamlnet-2.2test11.tar.gz
(Continue reading)

Permalink | Reply | 0 comments |
headers
David MENTRE | 31 Aug 2006 13:48
Favicon

On web client, XML and ONC RPC and their integration with demexp

Hello,

To put this message into context, Augustin has recently proposed[1] to
make a web interface for demexp using Drupal. One of the main issue of
this proposal and that there is no implementation of ONC RPC (used to
communicate with demexp server) in PHP (and hence for Drupal). However,
Drupal has a XML RPC module[2].

I started to look at this issue[3] and found no easy way to solve
it. 

One approach would be to compile the XDR description of demexp protocol
into C using rpcgen(3) and then make a PHP binding to it. While
apparently not too difficult, this approach is not very versatile: if
the protocol is modified, one needs to modify manually the PHP/C
binding.

A second approach would be to implement an RPC generator and its
supporting XDR encoding/decoding library for PHP. I haven't much
investigated this approach but it seems to me not a very simple
path. Moreover, beside demexp, I don't think a lot of people in the PHP
community are eager to use ONC RPC. :-)

A third approach would be to implement the XML RPC interface on the
demexp side. This seems doable with current infrastructure. Gerd's has
confirmed me that we could have simultaneously XML and ONC RPC inside
demexp[4] and, it should be possible to use CDuce to implement XML
parsing and generation[5]. However, I'm not entirely satisfied with this
approach: it would necessitate to have two interfaces at the demexp
server, XML RPC and ONC RPC, thus two interfaces to debug, test and
(Continue reading)

Permalink | Reply | 9 comments |
headers
Augustin | 31 Aug 2006 20:16

Re: On web client, XML and ONC RPC and their integration with demexp


Hi David,

Thank you for all the time you have put into finding a solution to our RPC 
problem.

I don't have much specific information to share. I can only make a few general 
comments.

To start with, it is obvious that the choice at the end is yours to make. 
Whatever is decided, it is more than likely that you will be the one to have 
to implement it.

I will do my best to help, but really, this is not my area of expertise. 
I can code in PHP (fairly well, but I still can improve: I am an amateur, not 
a professional), but I CANNOT code a PHP module in C.

If you did come up with a solution that requires me to make significant 
changes to my development setup, I can do it (with some help, if needed). For 
example, if you did come up with a new PHP module, I can learn how to compile 
PHP so that it includes  the new module.
But in such a scenario, I would be more worried about the long term 
consequences of such a choice. I would be happy to code the Drupal client on 
my own for a few months, but if the difficulty in  setting up a development 
platform becomes a barrier for other developers to join me in my coding 
effort, we loose a bit part of the interest in choosing a CMS in PHP (namely, 
the number of PHP developers available).

On Thursday 31 August 2006 07:48 pm, David MENTRE wrote:
> Hello,
(Continue reading)

Permalink | Reply | 1 comment |

Gmane