I've just come across jCryption, which claims to be a method for securely submitting forms, if you have JavaScript enabled, without needing to setup SSL.

Aside from being utterly useless without JS, can anyone tell if it is actually secure or not? :S

Is this anything like those really handy-dandy JS password scripts? arf

Seems to be pretty secure, it uses an industry-standard asymmetric encryption algorithm up to 2048-bit in strength.

 

My concern would be over trusting a site that hasn't forked out a measly £250 for an SSL cert but still wants important enough information for it to require encryption.

In this instance, it's an event registration form for a charity organisation, so if it is actually a reliable method then fair enough.

Heh, looks like Go Daddy are currently doing SSL certificates for less than $30 a year.

Unless there's some catch I'm missing, it seems odd that everyone else is at least five times that price? :S

Looks good. GoDaddy are pretty big in Americaland. And 'The Go Daddy Group' is listed as a default certifying authority in Firefox 3.5 at least.

As an aside, a pilot/podcaster I subscribe to has his site hosted there. And he's a 757 captain, so he must be trustworthy!

Yeah, knew of them as a big host/etc; found out they're a CA via the Firefox list, and presumably MSIE will also include them, given their size.


Does the 757 aspect of the pilot increase his trustworthiness, or was that just informational?

It increases the number of people he can take with him should he decide to end it all.

 

Verisign seemed to be more expensive that Thawte when I looked, but the difference wasn't quite that significant. At $30 it becomes worth more of a punt.

Yep, Verisign is pretty much what Rich quoted - £259 or so, whereas Thawte was $150, which is around £95 according to the big blue G.