In the light of the recent scandal of the NSA (& others) attacking encryption
would it be a good idea to see if we can get an audit of all the security
related code in PHP ? It would do a bit to help boost confidence in PHP - and
might even find something (although I hope not).
What I am thinking of:
* done by people outside of the usual PHP community.
* the final report, and any interim ones, to be published in their entirety.
* done by people who have real clue when it comes to security [count me out :-)
].
Why ? To improve the public confidence in PHP.
Just in case you have been living under a stone recently:
https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html
--
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT
Lecturer.
+44 (0) 787 668 0256 http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information:
http://www.phcomp.co.uk/contact.php
#include <std_disclaimer.h>
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
