cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "cib" <c....@laposte.net>
Subject Re: Forms pseudo and passwd encryption
Date Fri, 17 Aug 2001 17:29:57 GMT
Thanks, 
I'll try and install pgp.
But is there a command in xsp to encrypt datas in a form, and to decode it when using the
formvalidator? (Like in mysql, the encrypt function)
Otherwise, password is send in plain text inside the post/get method.
Thanks for your help

Cib

France, Bordeaux, xml and gay pride.
  ----- Original Message ----- 
  From: Karl Øie 
  To: cocoon-users@xml.apache.org ; cib 
  Sent: Friday, August 17, 2001 11:04 AM
  Subject: RE: Forms pseudo and passwd encryption


  ssl now secures the actual connection between your server and the client, but it is still
uncrypted on both the client and server machine.

  to further secure your form data you should use an encryption on whatever medium you store
the data in on the server, and preferably an encryption that can create a public key to send
to the user, and a private key to store data on the server. (f.eks PGP)

  then comes the problem that your application will have to contain your public and private
key, so now it is very very very important to secure the operating system and network you
run your application on.

  mvh karl

    -----Original Message-----
    From: cib [mailto:c.cib@laposte.net]
    Sent: 16. august 2001 23:22
    To: Cocoon User Mail List
    Subject: Forms pseudo and passwd encryption


    Hi, 
    With help of tomcat user list, I've got my ssl working .
    I wonder now how to completely secure my forms datas? 
    How should I encrypt names and password from the register form?

    Thanks for any help,
    I'm learning a lot, but still a newbie in security things.

    Cib

    France, Bordeaux, xml and gay pride.

Mime
View raw message