Saturday, April 26, 2014

[gfebkmya] Signed web pages

Neither HTTP nor HTML offer easy ways of publishing signed web pages, e.g., signed with a GPG key, nor for clients (browsers) to check signatures.  I suspect it can easily be added to HTTP.

It was a lost opportunity to widely deploy PKI.

Signed content is cannot easily be repudiated, which might not be desirable; one must live with what you said forever.

The motivation was for powerful institutions to always publish with a signature, making it possible to hold them accountable.

No comments :