I should make it clear, the intention is to use SSL and JS one-way hash, 
not just JS...

Jeremy Thomerson <jer...@wickettraining.com> 
08/03/2010 03:49 PM
Please respond to


Re: Encrypt Form Fields Using JS

On Tue, Aug 3, 2010 at 1:24 PM, <mzem...@osc.state.ny.us> wrote:

> I have to laugh because I also agree its kind of crazy...
> Yes the original value must be hashed by the client.  The reasoning 
> that SSL could be broken and expose the data.  I don't necessarily agree
> but thats how the original system was written.

Client side JavaScript can certainly be broken *MUCH* easier than SSL.
 Perhaps the following reference [1] will help you resolve this situation 

1 -

Jeremy Thomerson

Notice: This communication, including any attachments, is intended solely 
for the use of the individual or entity to which it is addressed. This 
communication may contain information that is protected from disclosure 
under State and/or Federal law. Please notify the sender immediately if 
you have received this communication in error and delete this email from 
your system. If you are not the intended recipient, you are requested not 
to disclose, copy, distribute or take any action in reliance on the 
contents of this information.

Reply via email to