CodingjCryption - JS-based SSL alternative ?

  

Press Ctrl+Enter to quickly submit your post
Quick Reply  
 
 
  
 From:  Peter (BOUGHTONP)   11 Feb 2010 11:39 
 To:  ALL 1 of 9 
37130.1 
I've just come across jCryption, which claims to be a method for securely submitting forms, if you have JavaScript enabled, without needing to setup SSL.

Aside from being utterly useless without JS, can anyone tell if it is actually secure or not? :S
0/0
 Reply   Quote More 

 From:  99% of gargoyles look like (MR_BASTARD)   11 Feb 2010 15:57 
 To:  Peter (BOUGHTONP)      2 of 9 
37130.2 In reply to 37130.1 
Is this anything like those really handy-dandy JS password scripts? arf

bastard by name, bastard by nature
0/0
 Reply   Quote More 

 From:  Rich   11 Feb 2010 19:16 
 To:  Peter (BOUGHTONP)      3 of 9 
37130.3 In reply to 37130.1 

Seems to be pretty secure, it uses an industry-standard asymmetric encryption algorithm up to 2048-bit in strength.

 

My concern would be over trusting a site that hasn't forked out a measly £250 for an SSL cert but still wants important enough information for it to require encryption.




Rich
Web: LostJohnnies.com
Email: rich [at] lostjohnnies [dot] com
MSN Messenger: dexta1984 [at] hotmail [dot] com
____________________________________________________
0/0
 Reply   Quote More 

 From:  Peter (BOUGHTONP)   11 Feb 2010 19:34 
 To:  Rich      4 of 9 
37130.4 In reply to 37130.3 
quote:
My concern would be over trusting a site that hasn't forked out a measly £250 for an SSL cert but still wants important enough information for it to require encryption.


In this instance, it's an event registration form for a charity organisation, so if it is actually a reliable method then fair enough.
0/0
 Reply   Quote More 

 From:  Peter (BOUGHTONP)   11 Feb 2010 19:54 
 To:  ALL 5 of 9 
37130.5 
Heh, looks like Go Daddy are currently doing SSL certificates for less than $30 a year.

Unless there's some catch I'm missing, it seems odd that everyone else is at least five times that price? :S
0/0
 Reply   Quote More 

 From:  Rich   11 Feb 2010 20:58 
 To:  Peter (BOUGHTONP)      6 of 9 
37130.6 In reply to 37130.5 
Looks good. GoDaddy are pretty big in Americaland. And 'The Go Daddy Group' is listed as a default certifying authority in Firefox 3.5 at least.

As an aside, a pilot/podcaster I subscribe to has his site hosted there. And he's a 757 captain, so he must be trustworthy!




Rich
Web: LostJohnnies.com
Email: rich [at] lostjohnnies [dot] com
MSN Messenger: dexta1984 [at] hotmail [dot] com
____________________________________________________
0/0
 Reply   Quote More 

 From:  Peter (BOUGHTONP)   11 Feb 2010 21:11 
 To:  Rich      7 of 9 
37130.7 In reply to 37130.6 
Yeah, knew of them as a big host/etc; found out they're a CA via the Firefox list, and presumably MSIE will also include them, given their size.


Does the 757 aspect of the pilot increase his trustworthiness, or was that just informational?
0/0
 Reply   Quote More 

 From:  99% of gargoyles look like (MR_BASTARD)   11 Feb 2010 22:01 
 To:  Peter (BOUGHTONP)      8 of 9 
37130.8 In reply to 37130.7 

It increases the number of people he can take with him should he decide to end it all.

 

Verisign seemed to be more expensive that Thawte when I looked, but the difference wasn't quite that significant. At $30 it becomes worth more of a punt.

bastard by name, bastard by nature
0/0
 Reply   Quote More 

 From:  Peter (BOUGHTONP)   11 Feb 2010 23:55 
 To:  99% of gargoyles look like (MR_BASTARD)      9 of 9 
37130.9 In reply to 37130.8 
Yep, Verisign is pretty much what Rich quoted - £259 or so, whereas Thawte was $150, which is around £95 according to the big blue G.
0/0
 Reply   Quote More 

Reply to All    
 

1–9

Rate my interest:

Adjust text size : Smaller 10 Larger

Beehive Forum 1.5.2 |  FAQ |  Docs |  Support |  Donate! ©2002 - 2024 Project Beehive Forum

Forum Stats