----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files. Don't make us guess your problem!!!
----------------------------------------------------------------
>I'm thinking of writing a simple encryption scheme whereby the servlet
>will make up a key pair on the fly, provide one key in a HIDDEN field
>in a form, and then a JavaScript script will encrypt the user's input
>using said key before submitting the form. Then the servlet will
>decrypt it using the other key. It seems like a simple idea but I'm
>sure it'll be trickier to implement than it sounds. Has anyone
>already done this?
Oddly enough I had this idea yesterday at a client's site when they were
asking abut how safe it was to submit their username/password
in a form.
Yes it is feasable, you'd need a large enough prime number, to use once
for th epublic key part, some swanky Javascript to encode the username/password
and then keep the private key somewher to decode it.
It's work, the only down side is generating the key combination quick
enough for using, yet large enough not to be broken while the user is
still connected (a couple of hours maybe?)
--
Subvert the dominant paradigm
http://www.cyber4.org/members/grumpy/index.html
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
