The reason it is generally considered bad form is you have no control over the data:
- Consider a replay attack. Someone gets the encrypted information, stores it for a while and sends it back.
I have other measures to counter a replay attack -- the data can only be entered into the database once. Replays fail if the record already exists in the database.
- Consider a crack of the cypher. Someone determines the plaintext, modifies it and sends it back (not to mention your entire application is now exposed).
Interesting point -- I'll amend my approach to modify the data before encryption, then reverse that process when it comes out the other side.
- Consider a corruption. Someone arbitrarily changes some bytes and sends it back. It may decrypt and crash (or worse!) your application.
I'll have to live with that .. it's been a while since I saw a web page corrupted.
--t. alex
"Here's the chocolates, and here's the flowers. Now how 'bout it, widder hen, will ya marry me?" --Foghorn Leghorn
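
The corruption and replay cases discussed in this post, as an added example that is not part of the original thread: the server appends an HMAC tag to the round-tripped blob and checks it before any decryption, then applies the enter-once rule. The class name, the `|` separator, HMAC-SHA256 and the in-memory set standing in for the database uniqueness check are all assumptions; the encryption step itself is left out and the ciphertext is treated as opaque bytes.

```python
import hashlib
import hmac
import secrets

MAC_LEN = hashlib.sha256().digest_size  # 32-byte tag appended to every blob


class RoundTripStore:
    """Hypothetical server-side state: a MAC key plus the record ids already accepted."""

    def __init__(self, key=None):
        self.key = key or secrets.token_bytes(32)
        self.seen_ids = set()  # assumption: stands in for a UNIQUE column in the database

    def seal(self, record_id: str, ciphertext: bytes) -> bytes:
        """Bind the record id to the ciphertext and append an HMAC tag.

        Assumes record_id never contains '|'; the ciphertext may contain any byte.
        """
        body = record_id.encode() + b"|" + ciphertext
        tag = hmac.new(self.key, body, hashlib.sha256).digest()
        return body + tag

    def accept(self, blob: bytes):
        """Return (status, ciphertext); ciphertext is only returned when status is 'ok'."""
        if len(blob) <= MAC_LEN:
            return "corrupt", None
        body, tag = blob[:-MAC_LEN], blob[-MAC_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; any changed byte is rejected before decryption runs.
        if not hmac.compare_digest(tag, expected):
            return "corrupt", None
        record_id, _, ciphertext = body.partition(b"|")
        # Enter-once rule: a blob whose record already exists is a replay.
        if record_id in self.seen_ids:
            return "replay", None
        self.seen_ids.add(record_id)
        return "ok", ciphertext


if __name__ == "__main__":
    store = RoundTripStore()
    blob = store.seal("order-1001", b"\x8f\x02|\xaa")  # constructed sample ciphertext
    print(store.accept(blob)[0])                        # first submission
    print(store.accept(blob)[0])                        # same blob sent back again
    flipped = bytearray(store.seal("order-1002", b"abc"))
    flipped[12] ^= 0x01                                 # one arbitrarily changed byte
    print(store.accept(bytes(flipped))[0])
```

A blob that fails the tag check does not consume its record id, so the untampered original is still accepted afterwards.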