Thank you for the correction.
So I guess the only potential use of MD5 by itself here, because it is one
way, would be to encrypt the password (and why not the username too--that
way any snoopers wouldn't know which was the password and which was the
username) and then check that the result of the MD5 encryption matched the
MD5 of the password for the appropriate username on the other side.
BTW, I thought that, even if inefficient, the compiling of the applet on the
fly with a built in, unique key was a neat idea.
Scott Stirling
Allaire Corporation
JRun: http://www.allaire.com/developer/jrunreferencedesk/
Allaire Knowledge Base:
http://www1.allaire.com/Support/KnowledgeBase/SearchForm.cfm
> -----Original Message-----
> From: Stephen M. Gardner [mailto:[EMAIL PROTECTED]]
>
> MD5 is a secure hash not an encryption algorithm. It
> turns arbitrary
> length bitstrings into 128-bit long strings so it's kind of
> non-invertible. ;-) Something encrypted with MD5 would stay
> that way for
> good. ;-) Perhaps you meant RC5, it's a block cipher from the
> same folks
> I think (RSA.com).
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
