CurveCP: Usable security for the Internet
HTTPCurve: using CurveCP to protect HTTPThis page is under construction.
There are two competing models for CurveCP deployment: the "simple" model and the "tunnel" model. At the moment this page describes only the "simple" model, and provides only a brief summary of the model.
There are three steps for a system administrator to enable CurveCP for HTTP:
When a CurveCP-aware client is about to contact an HTTP server, it checks the server name to see whether the name contains a correctly encoded CurveCP public key and extension. If so, the client makes a CurveCP connection to UDP port 80, rather than a TCP connection to TCP port 80.
The details of checking a server name aren't documented here yet but are similar to the details of DNSCurve.
VersionThis is version 2011.02.11 of the httpcurve.html web page.