Hi, Could you be more specific ? I thought md5 was a one-way hash, so you couldn't get back to the original string, so was secure. Do you mean anti-replay as in IPSEC anti-replay ? If so how do I build the equivalent in PHP ? I know very little about hashing, encryption etc. so any info would be appreciated.
Thanks, Nick -----Original Message----- From: Peter Hicks [mailto:[EMAIL PROTECTED]] Sent: 18 February 2003 14:43 To: Clarkson, Nick Cc: '[EMAIL PROTECTED]' Subject: RE: [PHP] Help with authentication 'design' Nick, md5 is a hashing function, not an encryption function. You need anti-replay if you want the password transfer to be secure On Tue, 18 Feb 2003, Clarkson, Nick wrote: > Would this pass both variables in clear text back to the server ? If so > would it be better to do this; > > [cut] > > Would this then pass both variables after being hashed with md5 ? Am I > barking up the wrong tree ? Or just plain barking ;oD This private and confidential e-mail has been sent to you by Egg. The Egg group of companies includes Egg Banking plc (registered no. 2999842), Egg Financial Products Ltd (registered no. 3319027) and Egg Investments Ltd (registered no. 3403963) which carries out investment business on behalf of Egg and is regulated by the Financial Services Authority. Registered in England and Wales. Registered offices: 1 Waterhouse Square, 138-142 Holborn, London EC1N 2NA. If you are not the intended recipient of this e-mail and have received it in error, please notify the sender by replying with 'received in error' as the subject and then delete it from your mailbox. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php