mod_auth_openpgp ALPHA released
UPDATE: New Version available, Beta. Also check/subscribe to releases through Freshmeat.
Hi guys!
What is this? Simple: Remember Enigform, the Firefox extension I wrote so HTTP requests could be signed using OpenPGP? Well, this is an Apache module to support access authorization at Apache's global server/virtualhost/directory level. Pretty neat :P
I just wanted to let you know that the first ALPHA release of mod_auth_openpgp is ready. It has *NO* configuration options, so you need the user under your apache user to have gpg up and running with a keyring containing all public keys that will be enabled to access the Apache instance your Enigform-enabled Firefox will connect to.
To download the horrible source tarball, go here:
http://www.buanzo.com.ar/files/mod_auth_openpgp-alpha1.tgz
Check out the included README.
Hi guys!
What is this? Simple: Remember Enigform, the Firefox extension I wrote so HTTP requests could be signed using OpenPGP? Well, this is an Apache module to support access authorization at Apache's global server/virtualhost/directory level. Pretty neat :P
I just wanted to let you know that the first ALPHA release of mod_auth_openpgp is ready. It has *NO* configuration options, so you need the user under your apache user to have gpg up and running with a keyring containing all public keys that will be enabled to access the Apache instance your Enigform-enabled Firefox will connect to.
To download the horrible source tarball, go here:
http://www.buanzo.com.ar/files/mod_auth_openpgp-alpha1.tgz
Check out the included README.
And remember, this is ALPHA! :P
Sincerely,
Buanzo
Labels: English
 Liked it? Submit this post to Slashdot!
|
| posted by Arturo 'Buanzo' Busleiman @ 5:40 AM |
2 Comments:
You know, you could take this one step further and implement GPG encryption between the client and the server, all you would need is an additional HTTP header stating that the contents of the submission is encrypted.
Robert
Hi Robert!
Yes, of course I had the encryption on my mind already, that's why there an X-OpenPGP-Type (which currently it's fixed to [S]ign) header is added by Enigform. Of course, the problem is that the webserver's gpg has to get the passphrase so it can decrypt the request, and that's what I need to analyze yet.
Thanks for your comments!!
Post a Comment
<< Home