I was wondering if someone could explain to me why in the eagle book it
is necessary to perform
an md5 twice before sending a mac_check to a user of a number of
fields. I read in the mod_perl book that this is done 'to prevent
technically savy users from appending data to the @fields'.
my $mac_check = md5_hex($secret,
md5_hex(join '', $secret, @fields));
What I am wondering is, what situation would a user be able to append
data to the fields? I believe if you change only one bit of the data,
the mac will change, so I am a little confused.
thanks,
--eric