> details along the wire than SSL. We have a client who wants
> security but does not trust SSL.
>
> Is there anything out there I can look into.
There are all sorts of things you can use on the client to do this. I once
worked on a project that used a Netscape plugin to encrypt everything with
S/MIME before sending it through SSL.
However, you're probably better off just using SSL, as any sort of
client-side solution will depend on relatively complex and fragile
client-side stuff. The fact is, SSL is secure enough for the vast majority
of cases, and if it's not, you might want to rethink whether you want to use
a public network at all for your application. SSL/TLS gets a lot of public
scrutiny, and security issues are pretty rare and quickly addressed when
found.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
