bruce <mailto:bedouglas@xxxxxxxxxxxxx> on Monday, June 20, 2005 5:50 PM said: > if you're going to be writing apps that deal with sensitive > information, you better damm well give some thought as to how secure > the client is, or even if the client is actually valid! It's not possible to determine the validity of the client. Just give it some good hard thought and you'll probably come to the correct conclusion. A client/server relationship is like two people talking through a wall. You can hear my voice just fine and I can answer all the questions you ask me correctly but still you can't see what I'm doing nor do you know that I am who I am say I am. We can even talk in a language that only the two of us can understand as to prevent people from listening in. But you still wouldn't know if I was transmitting that secret message to someone else willfully after I received it. Nor would you know if someone was pointing a gun to my head forcing me to tell them what we had just talked about. Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
