Comments on: Encrypted contact forms for WordPress

By: Alex Günsche

Alex Günsche — Wed, 27 Jun 2007 10:49:53 +0000

Cool, Thawte offers free e-mail certificates? How can I get one? edit: I found it! I'll check it out.

By: matt

matt — Tue, 26 Jun 2007 17:10:15 +0000

Thanks for this, if you combine this with a free email cert from Thawte or enigmail then you have user-agent to server to webmaster encryption without the need for SSL.
This can also be adapted to protect your session variables and sensitive cookie data from being replayed, with a few tweaks.
Very useful

By: Alex Günsche

Alex Günsche — Sun, 03 Dec 2006 10:38:41 +0000

Hey dude, how about putting that fancy cigaret aside and asking your question once again?

By: dude

dude — Sat, 02 Dec 2006 20:52:03 +0000

So what´s the real benefit?
I thought this might protect any contact forms, but it doesnt, does it?

By: Cregy

Cregy — Fri, 01 Dec 2006 08:12:49 +0000

Encrypted Contact Form…

From the website:
We are happy to announce the release of our next great WordPress plugin. It is called Subrosa and it is a snap-in for various WordPress contact forms to allow Public Key encryption of confidential messages. What this is and what the b…

By: Romerican

Romerican — Wed, 29 Nov 2006 12:25:05 +0000

The CIA might not read it in 100 years, but you can bet that perpetual cat-and-mouse will allow the NSA to read it within 10 years (and that’s assuming they don’t actually target you actively). Even though encryption merely buys you a little time, I’m very glad you’ve shared this plugin. I’ll try it out.

By: Alex Günsche

Alex Günsche — Wed, 29 Nov 2006 10:50:43 +0000

I never would have expected that Javascript was fast enough to do the math required for PKI in a reasonable amount of time.

Me neither. I had been searching for something like this for quite a time on the web, and I was very impressed when I first saw Mr. Hanewinkel’s implementation.

By: Alan J Castonguay

Alan J Castonguay — Wed, 29 Nov 2006 01:13:56 +0000

I never would have expected that Javascript was fast enough to do the math required for PKI in a reasonable amount of time. Apparently that assumption was incorrect, and thus, this is really cool.

By: Alex Günsche

Alex Günsche — Tue, 28 Nov 2006 10:05:19 +0000

Hello “Michael Moore”,

I’m afraid you didn’t understand what this is about. The article you mention is about protecting e-mail-adresses from being harvested by spammers. This has nothing to do with real encryption. We’re talking about protecting a message with special methods, so that even the CIA won’t read your message within the next 100 years.

By: Michael Moore

Michael Moore — Tue, 28 Nov 2006 08:15:22 +0000

You can’t use JavaScript for protection

http://neosmart.net/blog/archives/193

I found this link in less than 2 seconds, it was on a ha.ckers.org post. It explains fully why these methods will never work.