> I think I get it, but I stand by what I said, it appears to > me there is a disconnect when it comes to security and the > internet. I did a search on Google with "data integrity" and > hash and there are over half a million hits, touting using a > hash for data integrity.
I'm not sure what this is supposed to demonstrate, exactly. > ... you can use the cfcompile utility with the deploy switch > to protect the code on the client, can't you? No. You can use CFCOMPILE to generate "compiled" CF files, but whether you do that or not has nothing to do with whether the client can see your server-side code - under normal conditions, the client can't see server-side code, because it's executed on the server. > I guess I also need to get a better understanding of SSL, maybe > some modes of SSL will do that, and I just need to make sure I > purchase a certificate that does hash checking along with encryption. How TLS/SSL works has nothing to do with the specific certificate you purchase (beyond the key length you specify in your certificate signing request). Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Enterprise web applications, build robust, secure scalable apps today - Try it now ColdFusion Today ColdFusion 8 beta - Build next generation apps Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:286898 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
