Mark, thank you for taking the time and helping me make peace on this
subject.



On Fri, Aug 7, 2020 at 4:28 AM Mark Waddingham via use-livecode <
use-livecode@lists.runrev.com> wrote:

> On 2020-08-06 19:28, Tom Glod via use-livecode wrote:
> > Do you think it is overkill to still encrypt it before I send it?
>
> Yes :)
>
> Applying industrial strength encryption twice does not increase security
> - it just wastes processor cycles.
>
> Indeed, if you are encrypting data to send over an encrypted stream then
> you must have a secret for this secondary encryption somewhere.
>
> If this secret is transmitted over the wire - then your second set of
> encryption is only as secure as the original connection (if someone
> could sniff the latter, then they can sniff out your secret for the
> extra encryption).
>
> If this secret is not transmitted over the wire and is just 'known' to
> both sides - then it means you must have a secret buried somewhere on
> both sides, probably less securely then the mechanisms used by SSL to
> establish the secret it uses to encrypt the stream.
>
> Warmest Regards,
>
> Mark.
>
> --
> Mark Waddingham ~ m...@livecode.com ~ http://www.livecode.com/
> LiveCode: Everyone can create apps
>
> _______________________________________________
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>


-- 
Tom Glod
Founder & Developer
MakeShyft R.D.A (www.makeshyft.com)
Mobile:647.562.9411
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Reply via email to