On 2020-08-06 19:28, Tom Glod via use-livecode wrote:
Do you think it is overkill to still encrypt it before I send it?
Yes :)
Applying industrial strength encryption twice does not increase security
- it just wastes processor cycles.
Indeed, if you are encrypting data to send over an encrypted stream then
you must have a secret for this secondary encryption somewhere.
If this secret is transmitted over the wire - then your second set of
encryption is only as secure as the original connection (if someone
could sniff the latter, then they can sniff out your secret for the
extra encryption).
If this secret is not transmitted over the wire and is just 'known' to
both sides - then it means you must have a secret buried somewhere on
both sides, probably less securely then the mechanisms used by SSL to
establish the secret it uses to encrypt the stream.
Warmest Regards,
Mark.
--
Mark Waddingham ~ m...@livecode.com ~ http://www.livecode.com/
LiveCode: Everyone can create apps
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
