Secure Socket

Mark Waddingham mark at
Fri Aug 7 04:28:33 EDT 2020

On 2020-08-06 19:28, Tom Glod via use-livecode wrote:
> Do you think it is overkill to still encrypt it before I send it?

Yes :)

Applying industrial strength encryption twice does not increase security 
- it just wastes processor cycles.

Indeed, if you are encrypting data to send over an encrypted stream then 
you must have a secret for this secondary encryption somewhere.

If this secret is transmitted over the wire - then your second set of 
encryption is only as secure as the original connection (if someone 
could sniff the latter, then they can sniff out your secret for the 
extra encryption).

If this secret is not transmitted over the wire and is just 'known' to 
both sides - then it means you must have a secret buried somewhere on 
both sides, probably less securely then the mechanisms used by SSL to 
establish the secret it uses to encrypt the stream.

Warmest Regards,


Mark Waddingham ~ mark at ~
LiveCode: Everyone can create apps

More information about the use-livecode mailing list