MashSSL – An Excellent Idea You’ve Probably Never Heard Of…
I’ve been meaning to write about MashSSL for a while as it occurs to me that this is a particularly elegant solution to some very real challenges we have today. Trusting the browser, operator of said browser or a web service when using multi-party web applications is a fatal flaw.
We’re struggling with how to deal with authentication in distributed web and cloud applications. MashSSL seems as though it’s a candidate for the toolbox of solutions:
MashSSL allows web applications to mutually authenticate and establish a secure channel without having to trust the user or the browser. MashSSL is a Layer 7 security protocol running within HTTP in a RESTful fashion. It uses an innovation called “friend in the middle” to turn the proven SSL protocol into a multi-party protocol that inherits SSL’s security, efficiency and mature trust infrastructure
Make sure you check out the sections on “Why and How,” especially the “MashSSL Overview” section which explains how it works.
I should mention the code is also open source.