Justin, thanks for the reply, and I get your point, but I can't break out the registration process into a standalone site quickly. There must be a fairly quick solution to this problem. Surely, I can't be the first to deal with this.
On Tue, Mar 6, 2012 at 8:44 AM, Justin Scott <[email protected]> wrote: > > > It's a video streaming site for members. I can't believe my only > > option is to stream video across ssl. There must be another > > solution. > > There is: take the main site out of scope for compliance. The only > parts of a system that have to be PCI compliant are the ones that > handle credit card information, usually an online store or > subscription system. There is no technical reason I can think of that > would require your billing system and video streaming servers to share > infrastructure. Separating the billing system out on to its own > infrastructure means the rest of the system goes out of scope and then > you can do whatever you want with your cookies on the main part of the > site. Keep the billing system isolated and your headaches will be > greatly reduced. > > > -Justin Sco > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:350253 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
