Jump to content
Larry Ullman's Book Forums

Csecuritymanager, Behaviours


saniko
 Share

Recommended Posts

Larry,

 

Two quick questions:

  1. From the 4.1 to 5.0 update, it looks like you moved away from CSecurityManager.  While I wasn't planning to use it (rather go blowfish with salt), is there a reason why you've opted not to go that route for the book?
  2. Looking through the table of contents, are you planning to discuss behaviours in the book?

I absolutely love the content so far.  You are amazing!

 

Take care,

-saniko

Link to comment
Share on other sites

Thanks for the questions and for the nice words on the book. It is appreciate. I'm glad to hear you're liking the work so far. 

 

As for CSecurityManager, I liked the premise, but the use of hash_hmac() was curious, or less ideal. So I thought it'd be more straightforward to use hash_hmac() directly. I debated using crypt() and blowfish, but didn't want to get into a whole thing on encryption. My main attitude with security is that you always need to match the level of security to the application.

 

As for behaviors, yes, I am planning on discussing them, it's just a question of where. I introduce the topic in Chapter 13 (writing it now). Maybe I'll go into more depth in Part 3 of the book.

 

Thanks again!

Link to comment
Share on other sites

 Share

×
×
  • Create New...