From noreply at nyphp.org Sun Nov 6 12:07:10 2005 From: noreply at nyphp.org (New York PHP) Date: Sun, 6 Nov 2005 12:07:10 -0500 Subject: [nycphp-announce] next@nyphp: Practical SSL With Apache and PHP; Internationalization with OASI; MySQL CEO, Nov. 6th; December Training Message-ID: <017a01c5e2f4$87d5a3b0$6401a8c0@MobileZ> November General Meeting: Practical SSL With Apache and PHP; Internationalization with OASI ----------------------------------------------------------------- When: Tuesday, November 22nd at 6:30pm sharp (4th Tuesday of every month) Where: IBM 590 Madison Avenue, Room 1219 (12th Floor) RSVP: http://www.nyphp.org/rsvp.php You must RSVP within 30 days of the meeting you attend! The leaves are falling and the turkeys are running but don't lose your head and miss November's general meeting at New York PHP! This month we're proud to present New York PHP authors Chris Snyder and Michael Southwell, who teamed up to write Pro PHP Security from Apress. We also have special guest Matteo Rinaudo, CCNA, from Italy. Join us as they share their insight gained while writing the book on making SSL, Apache and PHP a happy family, and Matteo's introduction of internationalization toolset, OASI. Snyder and Southwell write: Setting up an SSL-enabled web server is relatively easy using Apache's mod_ssl... so easy, in fact, that an understanding of how SSL and certificates work to ensure the privacy and integrity of HTTPS communication is not even a requirement. It just works, as is shown by the little gold lock in the browser. But as we found out in the course of writing Pro PHP Security, correctly configuring an HTTPS server to be truly secure requires a working knowledge of the tools and techniques of public-key encryption, and a general understanding of what happens during the various phases of the SSL protocol (now better known as TLS). The bonus for getting your hands dirty and really grokking SSL, as a PHP developer, is that you will end up with more than just a production-ready secure server. Thanks to PHP's OpenSSL module, your applications have the ability to sign and/or encrypt messages, including database fields, files, emails, XML values, and so on. You can also verify the integrity of signed messages, and decrypt messages that have been encrypted using your public certificate. And you can use PHP to script the creation and maintenance of keys and certificates on the command line. Our goal, then, in sixty minutes or less, is to: 1. Give you a comprehensive re-introduction to SSL/TLS, and do a quick walkthough of what's going on between server and client during the all-important handshake phase. Then we'll take a close look at the Apache configuration directives for mod_ssl. 2. Show you how to use PHP to assist in the generation, verification, and day-to-day maintenance of RSA keys and certificates. 3. Walk through PHP code for signing, verification, encryption, and decryption of arbitrary values, using those keys and certificates. Then we'll open the meeting to discussion of some of the ways that NYPHP community members use SSL and/or Public Key Encryption in their applications, and of the tradeoffs between creating your own CA and paying for a commercial signature. Once the discussion turns into a gripe session about commercial certificate authorities and patents, we'll close the meeting with a book raffle and head to TGI Fridays for beverages and grub. OASI OASI is a recursive acronym and stands for `Oasi's A Serviceable Implement'. It is a framework which allows PHP web developers to write internationalized web pages. By means of a control panel, you can add, modify, delete user created custom languages, defining items like language name, charset, text direction and so on. This information will be stored into a MySQL database. In the control panel also, you can add the internationalized text (already translated by humans or by the supplied `google-plugin'. Internationalized contents are bound to user defined needles which will be passed as arguments in the PHP script page to the method which retrieves the internationalized text according to the session language in use (changeable by means of a text box). Thanks to IBM for providing a great presentation space with seating for plenty. As a service to our community, New York PHP meetings are always free and open to the public. Come prepared with a business card to enter book raffles. When: Tuesday, November 22nd at 6:30pm sharp (4th Tuesday of every month) Where: IBM 590 Madison Avenue, Room 1219 (12th Floor) RSVP: http://www.nyphp.org/rsvp.php You must RSVP within 30 days of the meeting you attend! CEO Marten Mickos, Monday November 6th, MySQL Meetup ---------------------------------------------------- Meet the MySQL New York team, plus special guest, MySQL CEO Marten Mickos. Get your questioned answered, and learn about the newly released MySQL 5.0 - plus free drinks and food. See for Meetup details: http://mysql.meetup.com/7/events/ New York PHP Training in December --------------------------------- Both Programmer and Designer tracks are available in early December. Avoid the holiday rush and take advantage of the early-bird special. Learn more and sign-up: http://www.nyphp.com/training/indepth.php --- New York PHP Community http://www.nyphp.org From noreply at nyphp.org Mon Nov 21 17:04:27 2005 From: noreply at nyphp.org (New York PHP) Date: Mon, 21 Nov 2005 17:04:27 -0500 Subject: [nycphp-announce] next@nyphp: Practical SSL With Apache and PHP; Internationalization with OASI; December Training Seats Available Message-ID: <019501c5eee7$94cdd2a0$6701a8c0@MZ> November General Meeting: Practical SSL With Apache and PHP; Internationalization with OASI ----------------------------------------------------------------- When: Tuesday, November 22nd at 6:30pm sharp (4th Tuesday of every month) Where: IBM 590 Madison Avenue, Room 1219 (12th Floor) RSVP: http://www.nyphp.org/rsvp.php You must RSVP within 30 days of the meeting you attend! The leaves are falling and the turkeys are running but don't lose your head and miss November's general meeting at New York PHP! This month we're proud to present New York PHP authors Chris Snyder and Michael Southwell, who teamed up to write Pro PHP Security from Apress. We also have special guest Matteo Rinaudo, CCNA, from Italy. Join us as they share their insight gained while writing the book on making SSL, Apache and PHP a happy family, and Matteo's introduction of internationalization toolset, OASI. Snyder and Southwell write: Setting up an SSL-enabled web server is relatively easy using Apache's mod_ssl... so easy, in fact, that an understanding of how SSL and certificates work to ensure the privacy and integrity of HTTPS communication is not even a requirement. It just works, as is shown by the little gold lock in the browser. But as we found out in the course of writing Pro PHP Security, correctly configuring an HTTPS server to be truly secure requires a working knowledge of the tools and techniques of public-key encryption, and a general understanding of what happens during the various phases of the SSL protocol (now better known as TLS). The bonus for getting your hands dirty and really grokking SSL, as a PHP developer, is that you will end up with more than just a production-ready secure server. Thanks to PHP's OpenSSL module, your applications have the ability to sign and/or encrypt messages, including database fields, files, emails, XML values, and so on. You can also verify the integrity of signed messages, and decrypt messages that have been encrypted using your public certificate. And you can use PHP to script the creation and maintenance of keys and certificates on the command line. Our goal, then, in sixty minutes or less, is to: 1. Give you a comprehensive re-introduction to SSL/TLS, and do a quick walkthough of what's going on between server and client during the all-important handshake phase. Then we'll take a close look at the Apache configuration directives for mod_ssl. 2. Show you how to use PHP to assist in the generation, verification, and day-to-day maintenance of RSA keys and certificates. 3. Walk through PHP code for signing, verification, encryption, and decryption of arbitrary values, using those keys and certificates. Then we'll open the meeting to discussion of some of the ways that NYPHP community members use SSL and/or Public Key Encryption in their applications, and of the tradeoffs between creating your own CA and paying for a commercial signature. Once the discussion turns into a gripe session about commercial certificate authorities and patents, we'll close the meeting with a book raffle and head to TGI Fridays for beverages and grub. OASI OASI is a recursive acronym and stands for `Oasi's A Serviceable Implement'. It is a framework which allows PHP web developers to write internationalized web pages. By means of a control panel, you can add, modify, delete user created custom languages, defining items like language name, charset, text direction and so on. This information will be stored into a MySQL database. In the control panel also, you can add the internationalized text (already translated by humans or by the supplied `google-plugin'. Internationalized contents are bound to user defined needles which will be passed as arguments in the PHP script page to the method which retrieves the internationalized text according to the session language in use (changeable by means of a text box). Thanks to IBM for providing a great presentation space with seating for plenty. As a service to our community, New York PHP meetings are always free and open to the public. Come prepared with a business card to enter book raffles. When: Tuesday, November 22nd at 6:30pm sharp (4th Tuesday of every month) Where: IBM 590 Madison Avenue, Room 1219 (12th Floor) RSVP: http://www.nyphp.org/rsvp.php You must RSVP within 30 days of the meeting you attend! New York PHP Training in December --------------------------------- Both Programmer and Designer tracks are available in early December. Avoid the holiday rush and take advantage of the early-bird special. Learn more and sign-up: http://www.nyphp.com/training/indepth.php --- New York PHP Community http://www.nyphp.org