if carrying data around in a cookie, or from otherwise un-trusty-sources, there’s no magic bullet that I’m aware of, but the most simple process I use looks like this:

Yes, there are ways around this… But it’s a simple start, and handy if you don’t need a completely secure solution (brochure sites, etc).