Kerry, this is for you :-)
Thanks for the encouraging feedback. The fact is that its been a long time that I haven't developed JNEXT due to other projects taking too much of my time. However, I really do want to continue the development.
The security infrastructure can take JNEXT to the level where it can be safely used on any Web site. I spent a lot of time trying to think of the ways in which the security design can be compromised and it seems as though all the angles have been covered. However, more scrutiny is required and the development involved would take quite a bit to complete in my spare time, so I'm sort of waiting until something changes - i.e either someone capable with enough time will want to help out or I suddenly get very rich and will be able to put in the time this project deserves. Until either of these occur, I'm afraid that progress will continue to be slow.
All the best,
Subject: JNEXT ver 1.0.9?
On Thursday, May 13, 2010, 04:05 PM, Kerry wrote:
I was wondering if you still plan on developing the next version of JNEXT (with the security attributes you mentioned would be in 1.0.9).
I think this is a great concept and hope you haven't gotten discouraged...
Thanks for your reply,
[ 2 comments ] ( 53 views ) | permalink | ( 3 / 2272 )
In a nutshell, for anyone who is interested - the Web security is achieved using a backend utility that creates a signed file of various dependencies and signed digests of the site that requires real time verification by the JNEXT client. The JNEXT client when accessing this site in real time does not enable any native operation until the current page contents and CSS/script dependencies has been verified to be authentic.
The server backend utility has been completed and what is left is the non-trivial task of building the real-time JNEXT client side security mechanism.
[ 2 comments ] ( 106 views ) | permalink | ( 2.9 / 2218 )
The past couple of weeks I've been laying the infrastructure for the PKI based security system for enabling JNEXT to safely run on public Web sites.
Completing the back end and the client side security framework takes quite a bit of work - I expect the new version of JNEXT containing this functionality will be complete sometime in January 2009 - so there will be a bit of silence on this blog until then - but don't get the wrong impression: JNEXT is growing and maturing every day and my ambitions for its use are of megalomanic proportions... :-)
[ add comment ] ( 19 views ) | permalink | ( 3.1 / 180 )
[ 2 comments ] ( 62 views ) | permalink | ( 3 / 1801 )
Since at this point, there are not many people actively involved in developing JNEXT, my dilemma is whether to spend more time researching how to make JNEXT's security watertight or to forget about Web deployment for now, define JNEXT as a tool for rapid application development and concentrate on creating cool extensions for it.
Anyone care to comment ?
[ add comment ] ( 20 views ) | permalink | ( 3 / 1819 )