Http or https
janschenkel at yahoo.com
Sat Nov 23 03:13:01 EST 2002
--- Chipp Walters <chipp at chipp.com> wrote:
> I got a question for all of you https users....
> Exactly what do you want it
> for? Please cite some examples. IOW, would it be
> better to have an encrypt
> tool instead? There seem to be lots of workarounds
> for a *mostly* secure
> solution using RR/MC. (md5digest with base64encode
> offset by your
> My understanding of one of the basics of
> public/private key encryption is
> that the client 'browser' side doesn't need to know
> the challenge phrase.
> But, if you're building the client (RR or MC) then
> it's easy to embed the
> challenge phrase. Now, I'm not so sure you can build
> international banking
> applications this way, but surely you can do a 99%
> I guess I'd like to better understand a 'case' where
> I couldn't solve the
> problem in RR/MC.
> Next question... how much would everyone be willing
> to pay for an https
> somewhere in-between?
This approach would work just fine if you have control
over both client and server side (in which case you
could just forego libURL, open a connection and start
transfering data, knowing in advance how you're going
to encrypt it)
But it's a very different situation when you're just a
link in the chain and have to work with what has been
previously installed and programmed. Especially when
you're linking to 'outside' sources, where you have no
say whatsoever in the implementation.
In reply to your second quesion: as I don't need it
right at this momnet, I'd sit and wait for RunRev 2.1
with built-in support ; and probably get the external
if the need arises, in which case I'd make the
customer pay for it if he needs it that desparately
and that quickly ;-)
"As we grow older, we grow both wiser and more foolish at the same time." (La Rochefoucauld)
Do you Yahoo!?
Yahoo! Mail Plus Powerful. Affordable. Sign up now.
More information about the Use-livecode