[nycphp-talk] Session Thoughts
Chris Shiflett
shiflett at php.net
Fri Oct 31 15:03:03 EST 2003
--- felix zaslavskiy <felix at students.poly.edu> wrote:
> > I think it would be better to observe the practices of places
> > like Amazon and Yahoo.
>
> By this you mean ssl + reask password for sensitive functions?
That's a pretty enormous oversimplification of Amazon and Yahoo. I
bet they would like to know that all they had to do was use SSL and
ask for a password for important stuff.
Being serious, there is a lot more to designing and securing Web
applications than that.
Chris
=====
My Blog
http://shiflett.org/
HTTP Developer's Handbook
http://httphandbook.org/
RAMP Training Courses
http://www.nyphp.org/ramp