I should make it clear, the intention is to use SSL and JS one-way hash, 
not just JS...




Jeremy Thomerson <jer...@wickettraining.com> 
08/03/2010 03:49 PM
Please respond to
users@wicket.apache.org


To
users@wicket.apache.org
cc

Subject
Re: Encrypt Form Fields Using JS






On Tue, Aug 3, 2010 at 1:24 PM, <mzem...@osc.state.ny.us> wrote:

> I have to laugh because I also agree its kind of crazy...
>
> Yes the original value must be hashed by the client.  The reasoning 
being
> that SSL could be broken and expose the data.  I don't necessarily agree
> but thats how the original system was written.
>

Client side JavaScript can certainly be broken *MUCH* easier than SSL.
 Perhaps the following reference [1] will help you resolve this situation 
:)

1 -
http://jobsearch.monster.com/PowerSearch.aspx?tjt=Programmer&where=New%20York



-- 
Jeremy Thomerson
http://www.wickettraining.com





Notice: This communication, including any attachments, is intended solely 
for the use of the individual or entity to which it is addressed. This 
communication may contain information that is protected from disclosure 
under State and/or Federal law. Please notify the sender immediately if 
you have received this communication in error and delete this email from 
your system. If you are not the intended recipient, you are requested not 
to disclose, copy, distribute or take any action in reliance on the 
contents of this information.

Reply via email to