So why are you asking this question to a PHP list?
> -Original Message-
> From: Svensson, B.A.T. (HKG) [mailto:[EMAIL PROTECTED]]
> Sent: 11 June 2002 15:44
> To: [EMAIL PROTECTED]
> Cc: Php Win32 list
> Subject: RE: [PHP-WIN] How to pass passwd Server <-> Cl
> Have you looked and the Challenge-Response Authentication stuff in phplib?
>
> Just a thought...
Thanks for your tips. I am aware of it, but I can't (currently) use
php because of policy decisions. Also I realize that I need to make
an errata on my quote from Monday, June 10, 2002 15:49:
"And
Thanks for your feedback Scott!
> You should also keep in mind that it's exceedingly dangerous
> to "re-invent the wheel" when it comes to cryptography. Heavily
> peer-reviewed algorithms (which are not always the most secure)
> are always your best bet.
I don't intend to do that: I just want t
good crypto suite should not be compromised simply by
> having the algorithm available. In fact, for a secure connection, at least
> some of the work must be done at the client end.
>
> Hope that helps! :)
>
> Cheers
>
> Ross
>
>
> > -Original Message-
>
--
> From: Svensson, B.A.T. (HKG) [mailto:[EMAIL PROTECTED]]
> Sent: 10 June 2002 14:49
> To: Php Win32 list
> Subject: [PHP-WIN] How to pass passwd Server <-> Client in a "secure"
> way
>
>
> Dear Mr/Miss/Mrs/Madam/Sir All,
>
> I am currently thinking of how
> > But before I start all this implementation, I wonder what other
> > kinds of solution other might have been using - I would prefer
> > not to have scripts running on the client side, but a public
> > key system force me to do this. (And I can use php, so it
> > pointless to refer to any php sp
Monday, June 10, 2002, 2:49:14 PM, you wrote:
> But before I start all this implementation, I wonder what other
> kinds of solution other might have been using - I would prefer
> not to have scripts running on the client side, but a public
> key system force me to do this. (And I can use php, so i
Dear Mr/Miss/Mrs/Madam/Sir All,
I am currently thinking of how to transport the passwd between
the database and the client. One suggestion would be to use a
one pad chipper, but this is pointless if I want to update
the passwd: the key has to be distributed. So I was thinking
of using a public ke
