This page is preserved as a historic document. It has last been substantively edited on 1999/11/24 by Joseph Reagle. -- Thomas Roessler, 2006-10-11
IntroductionWeb security is a complex topic, encompassing computer system security, network security, authentication services, message validation, personal privacy issues, and cryptography. This page contains links to various aspects of Web and Internet security. Overview: The World Wide Web Security FAQThe World Wide Web Security FAQ (Frequently Asked Questions with answers) provides an overview of Web security issues, security hole alerts, and practical advice for avoiding unpleasant surprises. It is recommended as a starting point for exploration. Security Initiatives at the W3CThe W3C is involved in the development of several protocols that relate to Web security. Presently, the main areas of work is on the signed-XML proposed activity. Other related activities include the HTTP/1.1 protocol and eCommerce. The W3C also produces software reference implementations that demonstrate the use of security measures. Digital Signatures
HTTP/1.1The HTTP/1.1 protocol includes a much improved scheme for authenticating the identity of users known as Digest Authentication. Electronic Commerce InitiativesThe W3C is involved in several initiatives in the realm of electronic commerce and secure payments. More information can be found in the Electronic Commerce Interest Group pages. Reference ImplementationsThe W3C has implemented Jigsaw, an HTTP/1.1-compliant Web server written entirely in Java. The source code illustrates the implementation of HTTP authentication protocols in general, and Digest Authentication in particular. |
Other Security LinksProtocols and Standards
Electronic Commerce
Cryptography
General Sources for Internet Security
|
Last updated: 1999-04-06T12:57:27Z
CVS $Date: 2006/10/11 21:07:56 $ by $Author: roessler $