Andrei wrote:
Then get a SSL certificate and let the browser do the job. If you do it
with JavaScript or open-code language why shouldn't I just take your
code and sniff the data you/the browser sends and decrypt it.
Just playing devil's advocate here...But I believe that if implemented
properly, encryption/decryption on the client could be secure, for
example a diffie-hellman key exchange with AJAX, followed by encryption.
jon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
