Re: Encrypt Form Fields Using JS

I should make it clear, the intention is to use SSL and JS one-way hash, not just JS... Jeremy Thomerson jer...@wickettraining.com 08/03/2010 03:49 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS On Tue, Aug 3, 2010

Re: Encrypt Form Fields Using JS

Ok, the value will be hashed, one-way...anyone have any ideas? James Carman ja...@carmanconsulting.com Sent by: jcar...@carmanconsulting.com 08/02/2010 04:42 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS Then it's

Re: Encrypt Form Fields Using JS

/2010 04:42 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS Then it's not encryption. Encrypted data should be readable to those who have the key. On Mon, Aug 2, 2010 at 3:29 PM, mzem...@osc.state.ny.us wrote

Re: Encrypt Form Fields Using JS

Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS And, what does that buy you? Why do you want to submit one-way hashed values? On Tue, Aug 3, 2010 at 1:37 PM, mzem...@osc.state.ny.us wrote: Ok, the value will be hashed, one

Re: Encrypt Form Fields Using JS

, but this is the spec I am working with. James Carman ja...@carmanconsulting.com Sent by: jcar...@carmanconsulting.com 08/03/2010 01:45 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS And, what does that buy you? Why do

Re: Encrypt Form Fields Using JS

Correct James Carman ja...@carmanconsulting.com Sent by: jcar...@carmanconsulting.com 08/03/2010 02:12 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS So, you never need to get the original values out of the database

Re: Encrypt Form Fields Using JS

Carman ja...@carmanconsulting.com Sent by: jcar...@carmanconsulting.com 08/03/2010 02:12 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS So, you never need to get the original values out of the database? On Tue

Re: Encrypt Form Fields Using JS

Sent by: jcar...@carmanconsulting.com 08/03/2010 02:19 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS And, you don't want to convert it before you store it in the db? It must be converted at the browser level

RE: Encrypt Form Fields Using JS

or standalone javascript ssn validators out there. -Original Message- From: mzem...@osc.state.ny.us [mailto:mzem...@osc.state.ny.us] Sent: Tuesday, August 03, 2010 2:24 PM To: users@wicket.apache.org Subject: Re: Encrypt Form Fields Using JS I have to laugh because I also agree its kind

Re: Encrypt Form Fields Using JS

/2010 02:19 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS And, you don't want to convert it before you store it in the db? It must be converted at the browser level? Is there any more information you can give us

Re: Encrypt Form Fields Using JS

On Tue, Aug 3, 2010 at 1:24 PM, mzem...@osc.state.ny.us wrote: I have to laugh because I also agree its kind of crazy... Yes the original value must be hashed by the client. The reasoning being that SSL could be broken and expose the data. I don't necessarily agree but thats how the

Encrypt Form Fields Using JS

Problem: Encrypt sensitive form fields (ie ssn) on client (javascript) Solution: Create behavior which fires javascript to hash field value and replace original value (###-##-) This sounds simple enough, but since the length of the hashed string will be considerably longer than the

Re: Encrypt Form Fields Using JS

Form Fields Using JS Problem: Encrypt sensitive form fields (ie ssn) on client (javascript) Solution: Create behavior which fires javascript to hash field value and replace original value (###-##-) This sounds simple enough, but since the length of the hashed string

Re: Encrypt Form Fields Using JS

to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS Why not use a password field to keep the value hidden and SSL to make sure there are no man in the middle attacks. Seems like you are making it too hard? - Original Message - From

Re: Encrypt Form Fields Using JS

debate and the feature has been requested and must be implemented as I described... Craig McIlwee craig.mcil...@openroadsconsulting.com 08/02/2010 03:06 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS Why

Re: Encrypt Form Fields Using JS

Subject: Encrypt Form Fields Using JS Problem: Encrypt sensitive form fields (ie ssn) on client (javascript) Solution: Create behavior which fires javascript to hash field value and replace original value (###-##-) This sounds simple enough, but since the length of the hashed string

Re: Encrypt Form Fields Using JS

08/02/2010 03:23 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS override getinputasarray() on the field and decrypt it there, that way wicket sees the decrypted value -igor On Mon, Aug 2, 2010 at 12:14 PM

Re: Encrypt Form Fields Using JS

it should not replace a 'Q' with a '9' Igor Vaynberg igor.vaynb...@gmail.com 08/02/2010 03:46 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS so how do you expect to validate on server side??? -igor On Mon, Aug 2, 2010

Re: Encrypt Form Fields Using JS

Vaynberg igor.vaynb...@gmail.com 08/02/2010 03:23 PM Please respond to users@wicket.apache.org To users@wicket.apache.org cc Subject Re: Encrypt Form Fields Using JS override getinputasarray() on the field and decrypt it there, that way wicket sees the decrypted value -igor On Mon