[nycphp-talk] Secure Data
Analysis & Solutions
danielc at analysisandsolutions.com
Fri Jul 18 00:00:53 EDT 2003
Ladies (there are at least SOME women on the list, right?) & Gentlemen:
On Thu, Jul 17, 2003 at 09:36:18PM -0400, Hans Zaunere wrote:
>
> But keep in mind; if the server on which the key resides is compromised,
> the game's over.
Hmm... This got me to thinking. It'd be nice to have GPG built into PHP
to avoid use of program execution functions. In the mean time,
proc_open() is handy.
With GPG and PGP, you can encrypt stuff with a public key then decrypt it
with the private key. The private key is password protected, but the
public key isn't. So, an automated process can encrypt the stuff on the
way in. To get stuff out, submit the password via a secure form.
While this isn't the right process for all situations, it can be useful.
Enjoy,
--Dan
--
FREE scripts that make web and database programming easier
http://www.analysisandsolutions.com/software/
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
More information about the talk
mailing list