This page is preserved as a historic document. It has last been substantively edited on 1999/11/24 by Joseph Reagle. -- Thomas Roessler, 2006-10-11
Web security is a complex topic, encompassing computer system security, network security, authentication services, message validation, personal privacy issues, and cryptography. This page contains links to various aspects of Web and Internet security.
Overview: The World Wide Web Security FAQ
The World Wide Web Security FAQ (Frequently Asked Questions with answers) provides an overview of Web security issues, security hole alerts, and practical advice for avoiding unpleasant surprises. It is recommended as a starting point for exploration.
Security Initiatives at the W3C
The W3C is involved in the development of several protocols that relate to Web security. Presently, the main areas of work is on the signed-XML proposed activity. Other related activities include the HTTP/1.1 protocol and eCommerce. The W3C also produces software reference implementations that demonstrate the use of security measures.
Electronic Commerce Initiatives
The W3C is involved in several initiatives in the realm of electronic commerce and secure payments. More information can be found in the Electronic Commerce Interest Group pages.
The W3C has implemented Jigsaw, an HTTP/1.1-compliant Web server written entirely in Java. The source code illustrates the implementation of HTTP authentication protocols in general, and Digest Authentication in particular.
Other Security Links
Protocols and Standards
General Sources for Internet Security
Last updated: 1999-04-06T12:57:27Z
CVS $Date: 2006/10/11 21:07:56 $ by $Author: roessler $