Secure (SSL) Connections (aka Protecting Code)
Mark Brownell
gizmotron at earthlink.net
Sat Apr 24 16:58:33 EDT 2004
On Saturday, April 24, 2004, at 12:22 PM, Dreamscape Software
Webmaster wrote:
> Alright, if I just connect with the "get url" command to a secure
> server, is
> the connection secure? Ex: get url
> https://process.somecreditcard.com/process.cgi
>
> Derek Bump
> Dreamscape Software
Derek
Sorry. I wish it were that easy. The problem is the server at
"https://process.somecreditcard.com" might be secure but the data you
want to send to it won't be in a rev app. The way it works is like
this: Your browser uses a key that is used to encrypt data that you
send to that server from a secure website form or similar process
during send or post. What's important is protecting your personal data
as it is passed to the secure server. Keys can be registered with
Verisign. It would be pointless if everyone used the same encryption
key to protect their important data. This is a great thing that
Verisign did.
Now if you control the server you can send it any encrypted data with
your own secret decoder ring encryption. You of course would have your
own key to decrypt it with.
Hope that helps,
Mark
More information about the use-livecode
mailing list