Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things

Re: Perl & Java -- Can they keep a secret?

by etcshadow (Priest)
on Nov 17, 2003 at 07:50 UTC ( #307592=note: print w/replies, xml ) Need Help??

in reply to Perl & Java -- Can they keep a secret?

Do, do, do use SSL. If you actually want this communication to be secure, then any other option is just silly. Well, check that: PGP would also make sense... since you only care that the passwd be encrypted (which is a kind of odd requirement), then you can just PGP the passwd, and send the encrypted block over the connection.

The point is: this kind of security is hard. Smart people have already put a lot of work into coming up with good, strong, portable solutions (like SSL and PGP), and you should use one of them. If you try to reinvent the wheel here, you will spend far more time and end up with something which is not secure.

Not an editor command: Wq
  • Comment on Re: Perl & Java -- Can they keep a secret?

Replies are listed 'Best First'.
Re: Re: Perl & Java -- Can they keep a secret?
by Flame (Deacon) on Nov 17, 2003 at 22:14 UTC
    The only reason I have for not encrypting the rest of the data is that I don't feel it's necessary as nothing after the password is confidential. My biggest concern is the extra CPU time required to encrypt the trivial information.

    My code doesn't have bugs, it just develops random features.


Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://307592]
[choroba]: my son #2 would eat them all, regardless of the design :-)
[LanX]: healthy intelligent kids!
LanX when they reach my age they'll eat them sorted

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (10)
As of 2017-12-16 16:15 GMT
Find Nodes?
    Voting Booth?
    What programming language do you hate the most?

    Results (457 votes). Check out past polls.