NYCPHP Meetup

NYPHP.org

[nycphp-talk] Session Thoughts

Chris Shiflett shiflett at php.net
Fri Oct 31 15:03:03 EST 2003


--- felix zaslavskiy <felix at students.poly.edu> wrote:
> > I think it would be better to observe the practices of places
> > like Amazon and Yahoo.
>
> By this you mean ssl + reask password for sensitive functions?

That's a pretty enormous oversimplification of Amazon and Yahoo. I
bet they would like to know that all they had to do was use SSL and
ask for a password for important stuff.

Being serious, there is a lot more to designing and securing Web
applications than that.

Chris

=====
My Blog
     http://shiflett.org/
HTTP Developer's Handbook
     http://httphandbook.org/
RAMP Training Courses
     http://www.nyphp.org/ramp



More information about the talk mailing list