Re: WebOPAC and encryption

Home  Mailing list  Meetings  Regional/Special  About IUG  Contact Us Help
 

 

[ List Archives Home ] [ Thread index for 2008 ] [ Date index for 2008 ] [ Author index for 2008 ]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 
I have concerns regarding this as well.   From what I understand, in order to have a "true" secure connection, the host server must have a certificate(Verisign.com, Thawte.com) installed. When information is sent via an input form, the link utilizes an "https" secure protocol. The certs are inexpensive and allow for true encryption of data, especially if you plan on implementing some type of payment systems or request other "personal"  information from patrons via the web.  As far as hackers, where there is a will there is a way.  There are vast amounts of information on the net regarding browser encryption, encryption types, and protocols.

One other item regarding the forms that Innovative uses.  We had concerns raised that some of the field contents(Name) of the forms could be viewed if the browser "back" button is used after information was submitted.  This appeared to be related to IE only. We have added "META" code to our forms which expires the information if the "back" button is used.  Just an FYI...


************************************************************************************
>>> crowley@xxxxxxxxxx 08/15/00 10:55AM >>>

We just came up on III last week and I have had one customer who is 
concerned about the lack of security on the webopac.  He claims that a 
sniffer somewhere on the web could garner his customer information that 
he has accessed by putting in his name and library card #.  Does that 
customer information (name, phone#, address) actually "travel" across 
the Internet or is the only thing that can be hacked his library card # 
and name that he inputs to gain access.  (We will be implementing pins 
shortly.)  Obviously, I do not know all the technical lingo here, but I 
hope you can understand my query.  Thanks!
kc

Kim Crowley, Technology Coordinator 
Fort Collins Public Library
201 Peterson Street			phone: 970-221-6662
Fort Collins, CO  80524			fax:   970-221-6398
crowley@xxxxxxxxxx 


--
This message was distributed through the Innovative Users Group INNOPAC list.
Private replies:  Kim Crowley <crowley@xxxxxxxxxx>
Public replies:   INNOPAC@xxxxxxxxxx 
Archives:  http://innopacusers.org/list/archives/

--
This message was distributed through the Innovative Users Group INNOPAC list.
Private replies:  "Jeff Burns" <jeffb@xxxxxxxxxx>
Public replies:   INNOPAC@xxxxxxxxxx
Archives:  http://innopacusers.org/list/archives/