> I have been asked by a client to research x.509 encryption in > ColdFusion.
X.509 is not an encryption algorithm. It is a PKI key-management standard that uses certificates. > To give a brief background, we are trying to setup a Single > Sign On Solution with a vendor. People from their site will come > to ours, and they will send us some encrypted data in a form post, > which we can decrypt the data and then sign them into our system > based on some encrypted data. > > Initial we spoke of using PGP decryption, which we set up > w/ the Digital Outlook custom tag and the PGP desktop software. > Unfortunately, the PGP software appears to disable ColdFusion's > WSConfig utility ( More details here: > <http://www.ooine.com/index.cfm?commentID=119> ), so we started > looking for alternatives. The vendor suggested x.509 encryption. In that case, why not use SSL/TLS with your x.509 certs, and send the unencrypted data through the encrypted connection? But if that's not an acceptable alternative, CFMX 7 supports many industry-standard encryption algorithms with the Encrypt and Decrypt functions - AES, Blowfish, DES, 3-DES. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:224368 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54

