The past few days I've been studying OpenSSL and after many searches, wading through various samples, scraping information from mailing lists and the odd documentation texts, I've finally got all the necessary plumbing together to support the security infrastructure for JNEXT. The next version of JNEXT is planned to be released with this framework, making JNEXT finally ready to be run on public Web sites.

The basic idea is as follows: Any Web site that runs JavaScript code that makes use of JNEXT, will have to sign that code with its private key, and make it's corresponding X509 certificate available for download by the JNEXT client. The JNEXT plugin will verify that the JavaScript code matches the signature, using the Web site certificate and the locally stored root certificate of the CA that issued the Web site certificate.

If the root certificate of the Certificate Authority, the Web site certificate, the JavaScript code and the JavaScript code signature are inconsistent, then JNEXT will not allow the JavaScript code from that page access to native code via JNEXT extensions.



[ add comment ] ( 3 views )   |  permalink  |   ( 3 / 61 )

---

<<First <Back | 1 | 2 | 3 | 4 | 5 | 6 | 7 | Next> Last>>

No Footer - Page Generated in 0.1631 seconds | Site Views: 12499