Mark, thank you for taking the time and helping me make peace on this subject.
On Fri, Aug 7, 2020 at 4:28 AM Mark Waddingham via use-livecode < firstname.lastname@example.org> wrote: > On 2020-08-06 19:28, Tom Glod via use-livecode wrote: > > Do you think it is overkill to still encrypt it before I send it? > > Yes :) > > Applying industrial strength encryption twice does not increase security > - it just wastes processor cycles. > > Indeed, if you are encrypting data to send over an encrypted stream then > you must have a secret for this secondary encryption somewhere. > > If this secret is transmitted over the wire - then your second set of > encryption is only as secure as the original connection (if someone > could sniff the latter, then they can sniff out your secret for the > extra encryption). > > If this secret is not transmitted over the wire and is just 'known' to > both sides - then it means you must have a secret buried somewhere on > both sides, probably less securely then the mechanisms used by SSL to > establish the secret it uses to encrypt the stream. > > Warmest Regards, > > Mark. > > -- > Mark Waddingham ~ m...@livecode.com ~ http://www.livecode.com/ > LiveCode: Everyone can create apps > > _______________________________________________ > use-livecode mailing list > email@example.com > Please visit this url to subscribe, unsubscribe and manage your > subscription preferences: > http://lists.runrev.com/mailman/listinfo/use-livecode > -- Tom Glod Founder & Developer MakeShyft R.D.A (www.makeshyft.com) Mobile:647.562.9411 _______________________________________________ use-livecode mailing list firstname.lastname@example.org Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode