Susan, did you ever get an answer to this? There are many levels on which
one could provide an answer, but perhaps the simplest is that if your web
pages (html, jsp, cf, asp, whatever) are on a web server that has a server
certificate installed, then when a browser requests a page from that server
using HTTPS (rather than HTTP), the communications between the browser and
server will be encrypted, automatically.
Your code doesn't have to "ask for the key" or "do the encryption", it's all
done for you by the browser and server. And note that this is the web server
taking care of the details, not your application server (assuming they're
separate things). So any Jrun, ColdFusion, ASP, or other dynamic pages don't
need to do anything to handle the encryption/decryption. It's done for you
by the web server before it passes the page request to the application
server (JRUN, CF, ASP).
Note that it's possible that you may be limited to serving such "secured"
pages from a particular directory, depending on how the certificate and
support for SSL were installed.
/charlie
-----Original Message-----
From: Susan M. Orndorff [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 04, 2001 6:06 PM
To: JRun-Talk
Subject: Shameless newbie question re encrypt/decrypt
I am trying to teach myself about security re encryption, digital
signatures, and certificates, etc. I understand the explanations of how
these work when the books say e.g."you ask for the recipients public key,
and use that to encrypt...." etc. etc.
Here is my question, how do you actually implement "asking for a public key"
and "using it to encrypt" ? Does one buy a software package that does all
this for you??
I am stuck on how the actual implementations of these procedures are carried
out.
TIA..
--susan
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=sts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
