> Okay,
>
> basically iam try to develop a security feature for php.
> i need to send a filename over public key encryption, which is SSL in this
> case, NOT https
If you want to send a file encrypted, why not use HTTPS?
> so php's engine sends it over ssl, but what happens on the client
> end? will
> it panic when a PK data is sent to it?
> or would a client program be needed to hold the encrypted data
Will what panic? What is the "client" in this case?
> would ssl not send the data to the client, the client hold it and when the
> server requests it off the client , the client would send it back
> itself, or
> is SSL based on client / server
I have no idea what you mean by the term "client". Are you talking
about a
human being using a program?
You didn't answer my question. Very specifically, what do you want to
happen on the client's side? Is there going to be a human being? If so, how
is that human being going to access your application?
What is the sequence of events supposed to be? For example, if your
application was HTTPS, your answer would be:
1) User launches a browser program.
2) User specifies the address of the server.
3) Server sends the data encrypted.
4) Client decrypts and saves to a file.
If it was an automatic update application, your answer might be:
1) Timer launches an update check
2) Client program connects to update server
3) Server sends list of updates to client
4) Client requests updates
5) Server sends updates
6) Client breaks connection
7) Client applies updates.
You need to either break it in to steps like that or tell us much more
about your application. As it is, it sounds like you're trying to re-invent
HTTPS. Why doesn't HTTPS do what you need?
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
