I'm wondering what to do in the case of a customer asking for a second layer of encryption on top of SSL?
For example, I have an SSL tunnel, and the customer wants me to then use symmetric key encryption on data flowing through that tunnel. The symmetric key is session-based and sent from the server to the client over the original SSL tunnel.
I am failing to see how this is more secure. If the SSL tunnel is compromised, then in theory, so is the symmetric key that is sent from the server to do the symmetric encryption during the session.
Can anyone offer any different viewpoints on this situation? I'm sure that if there was a shared secret established before-hand (like a one-time password), that this would make things more secure, but since the secret is being passed across the session over SSL, I don't see how it's buying us any extra security.
What are your thoughts, and have you had any similar experience?
Thank you