> I believe the original question involved more of a dynamic modification
Actually, modification of the data isn't necessarily a large concern, so
much as an intruder viewing the data. I actually hadn't quite thought of
an intruder modifying the data though. But, since we are not only
encrypting the data, but signing it as well (I hadn't mentioned that) then
perhaps we are covered for that?
> Which key is being used to encrypt the data? If the public key is being
Encrypting with public key, signing with private.
> Perhaps you should propose to your client a reevaluation of what exactly
This is the difficult part (imho). The client (like many) doesn't always
know just what they want, just that they want things secure. From who?
Why? How? They're not sure. They have another security consultant who is
supposedly determining these (and I don't get insight into this).
--
// Andrew MacKenzie |
http://www.edespot.com
// perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
- application/pgp-signature attachment: stored
This archive was generated by hypermail 2.1.8
: Wed Aug 23 2006 - 14:02:45 EDT
|
