maybe public key encryption using JavaScript http://travistidwell.com/blog/2013/02/15/a-better-library-for-javascript-asymmetrical-rsa-encryption/
Just being curious, why is SSL not available? Thanks Michael Am 24.09.14 14:16, schrieb Anshika: > Thanks for clarification. I do support your advise. > > However in case SSL is not available, then how can we implement this > browser side encryption. Pls suggest. > > > On Wednesday, September 24, 2014 5:23:50 PM UTC+5:30, Marvin Addison wrote: >>> I think he refers to the client side (the browser) encrypting the >> password, shipping that through to the server, and the server decrypting >> it. >> >> It's hard to imagine what additional security that would provide in >> addition to SSL/TLS transport security that encrypts the entire form >> payload including the password. The security characteristics are the >> same: the client has access to the cleartext password and the server >> has access to the decryption key to decrypt the ciphertext. You add >> some new problems like browser support for encryption and symmetric >> key exchange/management. I would strongly advise against it. >> >> M >> >> -- >> You are currently subscribed to [email protected] <javascript:> as: >> [email protected] <javascript:> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
