[snip] Why *must* you use SSL? Again, devil's advocate here (SSL is probably much better) but that doesn't mean that you can't use some crazy JS and PHP to implement some alternative encryption technique. (Say a symmetric algorithm that isn't implemented in any standard SSL implementations, or a proof of concept etc.) For example: - Client (javascript) and Server (PHP script) decide on some key via secure key negotiation. - One end encrypts message using key and wacky encryption algorithm, other end decrypts it. Same thing again, client/server reversed. [/snip] This still leaves any Javascript exposed, doesn't it? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
