I need to talk to an Oracle database maintained by a large organization. I'll be doing that with a .NET (Desktop) application. Mostly it's straightforward, but I'm confused by my client's insistence that there be "encryption". I get the feeling that this is more a CYA kind of request, as the information is not particularly sensitive.
I see encryption classes in .NET and I'm more than willing to dig into them, but I have a basic nagging question. If I encrypt the information that I'm sending to these guys, how in the world would it be decrypted on their end? I have absolutely no ability to influence or modify anything on their servers or database. They've given me credentials with enough rights to run a couple of stored procedures, but that's it.
It seems to me that the communication channel should be encrypted (some kind of HTTPS thing?), and this should not have much else to do with my app.
Can someone give me a leg up here and educate me? I'm not sure I'm going to get much cooperation on the other end. I just have a requirement for "encryption" with no further explanation or guidance.