Re: Secure Communication?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

At 10:31 AM -0700 8/29/10, Jim Lucas wrote:

Per Jessen wrote:

tedd wrote:


Hi gangl:

I realize that the problem stated herein has been solved by others,
so I'm not claiming I've done anything new -- it's only new to me. It
was a learning experience for *me* and my solution may help others.

In any event, I've finished creating a method for establishing what I
think is secure communication between two servers.


First thought - you're reinventing the wheel.  When I connect to a
server via https, I have secure communication.
First, it isn't the connection that he is trying to secure. He admits to using HTTPS in his connections already. What I think he is trying to prevent (correct me if I'm wrong) is access to the data on the opposite server. He wants to make sure that the access to this data is only able to be done by the remote server. Hence why he said that the key to the local data is located only on the remote server. So, my guess would be that the key would only be usable by the remote server. It would not work on the local server. 




Jim:

Bingo. That's it.
Sometimes it's hard for people to fully understand what I am saying even when I explain it in great detail. Often people respond with what they feel is an obvious solution when the statement is much more complicated than that.
Like in this example, I use HTTPS in all the steps yet one responder said "use HTTPS". That means: 1) He didn't understand what I was saying; 2) He didn't read what I wrote, which probably the reason for #1.
Also, as per another responders statement, using a SSL does not necessarily mean that the server is more secure. In the case I am working on the host has a SSL, but I am still going this length because of the possibility that the server may be hacked. The SSL only assures visitors to the host that the host is who the host claims to be. It does not assure, nor prevent, in any way that the server may not be hacked -- am I wrong? 

Cheers,

tedd

--
-------
http://sperling.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux