Shen: A Security Scheme for the World Wide Web
The shen proposal has a number of components:
- Specification
- Description of the ideas behind Shen and implementation details.
- Code
- Source code is avaliable but at present has only been tested on a Sun and is known to fail on little endian
machines (eg DECstation). Binaries are avaliable for
Sun only.
- SecuDE
- The European release of Shen makes use of many subroutines taken from the Secude product. It is intended that future releases of Shen will provide the option of interfacing to the Secude key management facilities.
- WIT Discussion
- Discussion of security issues on the Web.
This work was funded by the European Union and CERN.
Other Documents of interest
-
HTTP
- S-HTTP
- CommerceNet Secure HTTP Proposal
- MIME RFC1521, RFC1522
- Multi-media Internet Mail Extensions
- PEM: RFC 1421, RFC 1422, RFC 1423, RFC 1424
- Privacy Enchanced Mail.
- GSS: RFC-1508, RFC-1509
- Generic Security Service
- Certificate Scheme Requirements
- Certificate handling scheme.
- TAOS authentication
- a system that has forwarding of credentials
- An Extensible Framework for Authentication and Delegation
-
Proxy-Based Authorization and Accounting
for Distributed Systems
Philosophy.
The guiding philosophy behind this proposal has been to build as far as is
possible on existing RFCs. In particular the PEM specifications.
This is to encourage integrated mail, news and Web systems.
It is envisaged that a common consensus for an interworking standard will be
reached following Shen and other work on secure forms of HTTP for example by
Tony Sanders of BSDi, and by the team at EIT.
Phillip M.
Hallam-Baker CERN Programming Techniques Group hallam@alws.cern.ch Version 1.0R2