End-To-End Encrypted (EE2E) Websites? - eviltoast

Is there a way to develop and website using JS (and perhaps PHP) to create an E2EE website. Were all packets sent between the server and the userw device are E2EE, wrapped in a layer of encryption?

I know there is HTTPS but I am looking for something stronger than HTTPS.

By using some JS or PHP E2EE package, would I have to write or structure the website code very differently than you normally would?

  • towerful@programming.dev
    link
    fedilink
    arrow-up
    1
    ·
    9 months ago

    And you cant use self signed certificates because?
    They provide the same level of encryption. The benefit of a domain and a trusted CA issued cert is that browsers/os will automatically trust that the server is who its said it is (ie you dont get a warning).

    But if you import your servers root CA to your OS, then your OS (and browser) will automatically trust any cert issued using that root cert, thus you dont get a warning.

    With or without a warning, it will still encrypt at TLS1.3