[3960] in WWW Security List Archive
Re: Javascript and Security
daemon@ATHENA.MIT.EDU (Roberto Galoppini)
Mon Jan 13 04:00:48 1997
Date: Mon, 13 Jan 1997 07:39:25 +0100
From: Roberto Galoppini <rgaloppini@tim.it>
Reply-To: rgaloppini@tim.it
To: Jacob Rose <jacob@whiteshell.com>
CC: Ocean5 <ocean5@ix.netcom.com>, www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Jacob Rose wrote:
<snip>
> Perhaps the thing to do would be to build an uncopyable symbol on the top
> level of a site with a statement that indicates that that symbol should be
> visible throughout the site, and if it goes away, security may have been
> breached. A java applet that talks to the server might be one way.
I heard RSA people did something just like that. It's a 'secure'
applet saying information about the site, its certificate, and so
on.
I didn't see it yet, but it had been announced few days earlier
than Xmas.
Roberto Galoppini
rgaloppini@tim.it
"Speak,friend, and enter"
