I'm working through some similar thought experiments regarding my own QooxDoo app.

There are other solutions to the MITM problem besides PKC. For example, you could use an authentication scheme based on zero-knowledge proofs, such as SRP (RFC 5054). These methods never involve transmission of the password itself; they only require transmission of a proof that the client knows the password. This library implements SRP in JavaScript: http://server.denksoft.com/wordpress/web-development/secure-ajax-channel-srp-hermetic/

Whether it's worth it to do this kind of thing depends not only on the application's inherent security requirements, but on proper analysis of other potential weak links -- e.g., can the JavaScript code running in the end-user's browser actually be trusted? If not, then using fancy authentication won't get you any additional security.

Similarly, as a practical matter, many https-based authentication schemes are rendered trivially hackable by password reset mechanisms that require knowledge easily obtainable via social engineering or simple Facebook trolling, like "mother's maiden name", "name of pet", etc. Not to mention the prevalence of user passwords like "123456"...

Dave

-- 
View this message in context: http://qooxdoo.678.n2.nabble.com/Best-practice-encrypting-decrypting-passwords-qooxdoo-rpc-php-tp4958086p4963889.html

qooxdoo-devel mailing list
qooxdoo-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel
There are other solutions to the MITM problem besides PKC. For example, you could use an authentication scheme based on zero-knowledge proofs, such as SRP (RFC 5054). These methods never involve transmission of the password itself; they only require transmission of a proof that the client knows the password. This library implements SRP in JavaScript: http://server.denksoft.com/wordpress/web-development/secure-ajax-channel-srp-hermetic/ Whether it's worth it to do this kind of thing depends not only on the application's inherent security requirements, but on proper analysis of other potential weak links -- e.g., can the JavaScript code running in the end-user's browser actually be trusted? If not, then using fancy authentication won't get you any additional security. Similarly, as a practical matter, many https-based authentication schemes are rendered trivially hackable by password reset mechanisms that require knowledge easily obtainable via social engineering or simple Facebook trolling, like "mother's maiden name", "name of pet", etc. Not to mention the prevalence of user passwords like "123456"... Dave -- View this message in context: http://qooxdoo.678.n2.nabble.com/Best-practice-encrypting-decrypting-passwords-qooxdoo-rpc-php-tp4958086p4963889.html Sent from the qooxdoo mailing list archive at Nabble.com. ------------------------------------------------------------------------------ _______________________________________________ qooxdoo-devel mailing list qooxdoo-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel