The specs say that it is used to encrypt form data. But in the debugger all the data is open, and in addition to the data, the key is also transmitted. Then the meaning of it?
- Everything that is on the client side is available to him anyway. - VladD
- @ReklatsMaster But in the debugger, all data is open. Should these manipulations be hidden from the user? To from, you bastard, in no case do not skip? - alexlz
- > Then the meaning of it? The point is to give the server the public key, and keep the private key. The user has the right to own their private keys, is not it? - Nofate ♦
- @alexlz You won’t believe it, but I tested your theory with Fiddler`a. The result is the same. Separately key and unencrypted form data. - ReklatsMasters
- @Nofate Well, I'll give the server a public key. And then what? - ReklatsMasters
|
1 answer
It alone does not encrypt data, it only creates a bunch of public and private keys. And then you decide how to use it - encrypt their messages or signature.
Those. the server and your client must themselves encrypt their data with this key and conduct all further communications with it.
How does public key encryption occur you can see here - Public key cryptosystem
Aleksander K. Aleksander K.
2,069 6 20
|