Ben Laurie wrote:
[snip discussion of bad crypto implementation practices]
Because he is steeped in the craft
knowledge around crypto. But most developers aren't. Most developers
don't even have the right mindset for secure coding, let alone correct
cryptographic coding. So, why on Earth do
[Moderator's note: my forwarding this is not an indication that I want
to continue the are certs IP discussion. --Perry]
Perry E. Metzger pe...@piermont.com writes:
However, a cert seems almost certainly *not* to be IP.
[...]
3) It can't be copyrighted, it contains no creativity.
You
Hi.
Recently, on both the jQuery(.com) and PHP mailinglists, a question has
arisen on how to properly secure a login form for a non-ssl web-application.
But the replies have been get ssl.. :(
I disagree, and think that with a proper layout of authentication
architecture, one can really