So why are you asking this question to a PHP list?
> -Original Message-
> From: Svensson, B.A.T. (HKG) [mailto:[EMAIL PROTECTED]]
> Sent: 11 June 2002 15:44
> To: [EMAIL PROTECTED]
> Cc: Php Win32 list
> Subject: RE: [PHP-WIN] How to pass passwd Server <-> Cl
> Have you looked and the Challenge-Response Authentication stuff in phplib?
>
> Just a thought...
Thanks for your tips. I am aware of it, but I can't (currently) use
php because of policy decisions. Also I realize that I need to make
an errata on my quote from Monday, June 10, 2002 15:49:
"And
Thanks for your feedback Scott!
> You should also keep in mind that it's exceedingly dangerous
> to "re-invent the wheel" when it comes to cryptography. Heavily
> peer-reviewed algorithms (which are not always the most secure)
> are always your best bet.
I don't intend to do that: I just want t
You should also keep in mind that it's exceedingly dangerous
to "re-invent the wheel" when it comes to cryptography. Heavily
peer-reviewed algorithms (which are not always the most secure)
are always your best bet.
Even though SSL isn't the best overall option for 100%
total security, if you go
Anders, what's wrong with SSL? It uses both the cipher suites you mention
(DES is no longer deemed "secure" by the way, 3DES is the way to go, and you
can't use DES on its own, since you need to exchange your private keys
somehow, hence they must encrypted with a public key). 3DES is faster than
> > But before I start all this implementation, I wonder what other
> > kinds of solution other might have been using - I would prefer
> > not to have scripts running on the client side, but a public
> > key system force me to do this. (And I can use php, so it
> > pointless to refer to any php sp
Monday, June 10, 2002, 2:49:14 PM, you wrote:
> But before I start all this implementation, I wonder what other
> kinds of solution other might have been using - I would prefer
> not to have scripts running on the client side, but a public
> key system force me to do this. (And I can use php, so i