At 10:31 AM -0700 8/29/10, Jim Lucas wrote:
Per Jessen wrote:
I realize that the problem stated herein has been solved by others,
so I'm not claiming I've done anything new -- it's only new to me. It
was a learning experience for *me* and my solution may help others.
In any event, I've finished creating a method for establishing what I
think is secure communication between two servers.
First thought - you're reinventing the wheel. When I connect to a
server via https, I have secure communication.
First, it isn't the connection that he is trying to secure. He
admits to using HTTPS in his connections already. What I think he
is trying to prevent (correct me if I'm wrong) is access to the data
on the opposite server. He wants to make sure that the access to
this data is only able to be done by the remote server. Hence why
he said that the key to the local data is located only on the remote
server. So, my guess would be that the key would only be usable by
the remote server. It would not work on the local server.
Bingo. That's it.
Sometimes it's hard for people to fully understand what I am saying
even when I explain it in great detail. Often people respond with
what they feel is an obvious solution when the statement is much more
complicated than that.
Like in this example, I use HTTPS in all the steps yet one responder
said "use HTTPS". That means: 1) He didn't understand what I was
saying; 2) He didn't read what I wrote, which probably the reason for
Also, as per another responders statement, using a SSL does not
necessarily mean that the server is more secure. In the case I am
working on the host has a SSL, but I am still going this length
because of the possibility that the server may be hacked. The SSL
only assures visitors to the host that the host is who the host
claims to be. It does not assure, nor prevent, in any way that the
server may not be hacked -- am I wrong?
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php