On Wed, Jun 23, 2010 at 12:55 AM, Tommy Pham <tommyhp2@xxxxxxxxx> wrote: >> I haven't had to implement a scheme like this but for an app I'm working on >> we've been considering the same issues in order to keep member data safe. >> I would say your best bet is to keep the decryption key in memory while the > > This is something I'm very interested in hearing more about since our other discussion about PHP & threads and how some list members prefer the 'share nothing' approach. That said, how would you access the memory for every individual sessions that need that decrypting code/key when nothing is shared? (I'm assuming that this would be purely in PHP :) +1. each server stores it locally in APC, or you have to mess with memcached, and since it is plaintext, encrypt that too? :p I -always- design for 'shared nothing' so this is a necessary discussion too, if "in memory" is the idea. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
