[Owasp-leaders] Enigform News :)

Arturo 'Buanzo' Busleiman buanzo at buanzo.com.ar
Mon Mar 9 15:02:55 EDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Today I migrated my Wordpress blog to my server in USA, using Apache instead of lighttpd.

Why, you may ask.

Simple: mod_openpgp, the server side component for Enigform (OpenPGP for HTTP), is for Apache.

mod_openpgp, Enigform (the firefox plugin) and now the Enigform-Authentication for Wordpress plugin,
are what my OWASP SoC projects are all about.

Today, I used Enigform for Wordpress for the first time. And it just worked. I click login, and the
Secure Session gets started, using OpenPGP for everything :)... transparently for wordpress!

This is a major milestone in my life. This is what OWASP has been helping me do with the great
Summer/Spring of Code funding money.

This, I owe it to OWASP. One night at 3.30am, 3 years ago, I woke up and said 'What would happen if
I signed HTTP requests with PGP, and verified them server-side later?'... today, people, I have
something TANGIBLE for the community. Not only a protocol research, but a real TOOL for a well-known
software pice like Wordpress.

Thanks again. I'm very very happy about this :)

- --
Arturo "Buanzo" Busleiman / Arturo Busleiman @ 4:900/107
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at http://archiver.mailfighter.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEAREKAAYFAkm1Z98ACgkQAlpOsGhXcE0y8wCfQyC5DmqXPCU2ikJ9QDTkMT1s
U2sAnjJm8kXEw86JTfLEwsPkn1d4sgPo
=nQ/O
-----END PGP SIGNATURE-----


More information about the OWASP-Leaders mailing list