# from David Turnbull
# on Monday 20 February 2006 04:19 pm:
>I didn't see any mention of having the keys expire by date (and upon
>use)
I did mention that a timeout and limit would be good things.
As for expiry upon use, that has already been implemented.
It doesn't send you the same key twice, it just keeps generating new
ones (IIRC, maybe it just bah!'s at you... Try it.)
In case anyone missed it (I'm getting that feeling) I did write some
code and it does work and I did check it into svn. Try it.
The discussion has been mostly about the inherent security flaws in this
approach and how to get around them. While Ben (who has apparently
made his hat out of the wrong sort of foil) insists that this is more
work and concern about security than is justified, the point of the
pdxruby.org app is as much to give us something to work on and learn
from as it is to herd cats.
--Eric
--
[...proprietary software is better than gpl because...] "There is value
in having somebody you can write checks to, and they fix bugs."
--Mike McNamara (president of a commercial software company)
---------------------------------------------------
http://scratchcomputing.com
---------------------------------------------------
_______________________________________________
PDXRuby mailing list
[email protected]
IRC: #pdx.rb on irc.freenode.net
http://lists.pdxruby.org/mailman/listinfo/pdxruby
