Dan,---------------------------------------------------------This message is sent to you because you are subscribed tothe mailing listHi - thanks for your feedback - it's definitely helpful.One initial question re: your 256 char seed, I thought (from the docs) that the seed length was limited to eight characters?One idea I'm thinking through, which I pretty sure was mentioned on the list before, is to include a client specific seed and other things such as API keys in an encrypted template. Maybe set up a few custom functions on the template so the seed could never be exposed as a variable even if a hacker got access to the source code.A difficulty I have though is that I can't document to a client how [encrypt] and [cart] work. I use [encrypt] for storing passwords, and [cart] for generating session cookies.While I can understand that WebDNA may not want to divulge how these tags work, it leaves me with a situation where all I can say to a client is 'trust us'. I can't state the level of predictability of [cart], or the levels of cryptography used in [encrypt].- Tom.To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.usBug Reporting: support@webdna.us
Dan,---------------------------------------------------------This message is sent to you because you are subscribed tothe mailing listHi - thanks for your feedback - it's definitely helpful.One initial question re: your 256 char seed, I thought (from the docs) that the seed length was limited to eight characters?One idea I'm thinking through, which I pretty sure was mentioned on the list before, is to include a client specific seed and other things such as API keys in an encrypted template. Maybe set up a few custom functions on the template so the seed could never be exposed as a variable even if a hacker got access to the source code.A difficulty I have though is that I can't document to a client how [encrypt] and [cart] work. I use [encrypt] for storing passwords, and [cart] for generating session cookies.While I can understand that WebDNA may not want to divulge how these tags work, it leaves me with a situation where all I can say to a client is 'trust us'. I can't state the level of predictability of [cart], or the levels of cryptography used in [encrypt].- Tom.To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.usBug Reporting: support@webdna.us
DOWNLOAD WEBDNA NOW!
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...