Re: CGI and REMOTE_USER

Adrian Nye (adrian@ora.com)
Thu, 27 Jan 94 11:48:04 -0500


> Who out there is already working on "authenticated" Mosaic, ie an http server
> which knows to serve encrypted pages to only a select set of users whose
> clients will know to decrypt them for display & interpretation?

O'Reilly and Associates is doing some work on decryption
in Mosaic (and other browsers), but not the server part. Our goal, however, is probably
different from some other people's, and may be something to think
about (or it may be irrelevant - I'm not sure).

We want to license books,
so we want people to be able to purchase keys to view the books. But we don't want
unencrypted versions of the books to get out of the browser.
We've worked out some ways to do this, but obviously it's not
the same problem as when you want to encrypt data for tranfer
over the network but you don't mind if the recipient sees the unencrypted
data files.

Adrian Nye