saniko Posted March 14, 2013 Share Posted March 14, 2013 Larry, Two quick questions: From the 4.1 to 5.0 update, it looks like you moved away from CSecurityManager. While I wasn't planning to use it (rather go blowfish with salt), is there a reason why you've opted not to go that route for the book? Looking through the table of contents, are you planning to discuss behaviours in the book? I absolutely love the content so far. You are amazing! Take care, -saniko Link to comment Share on other sites More sharing options...
Larry Posted March 15, 2013 Share Posted March 15, 2013 Thanks for the questions and for the nice words on the book. It is appreciate. I'm glad to hear you're liking the work so far. As for CSecurityManager, I liked the premise, but the use of hash_hmac() was curious, or less ideal. So I thought it'd be more straightforward to use hash_hmac() directly. I debated using crypt() and blowfish, but didn't want to get into a whole thing on encryption. My main attitude with security is that you always need to match the level of security to the application. As for behaviors, yes, I am planning on discussing them, it's just a question of where. I introduce the topic in Chapter 13 (writing it now). Maybe I'll go into more depth in Part 3 of the book. Thanks again! Link to comment Share on other sites More sharing options...
Recommended Posts