[thelist] security on the server
Peter Kaulback
pkaulbak at idirect.ca
Thu Jul 12 13:56:19 CDT 2001
In the wee hour of 10:45 PM 7/11/01 -0400, Warden, Matt bequeathed such
tales as these:
> > From: "Peter Kaulback" <pkaulbak at idirect.ca>
> > Subject: [thelist] security on the server
> >
>
> > I have a client who wishes to have documents made available to
> > their clientele for download from their server. These are
> > confidential documents to be opened only by their respective
> > owners. We had originally thought of PDFs as the format with
> > its 128-bit security but now with the problems associated with it
> > cropping up we are seeking alternatives. Simplicity is the rule
> > for the client and their clientele as they want to handle the
> > transfer to their server and would prefer a one or two step
> > operation. Would multiple secure directories be the answer for all
> > the unique entities in their clientele? This implementation is new
> > to me. Any ideas would be so graciously appreciated.
Hi Matt, thanks for your input.
>From your description, it was unclear to me if you are just asking
>about encryption of the file itself or the transfer of that file over
>http/SSL.
Actually, it's both the encryption and the transfer. The files will be
very small, Word documents converted to PDF, so their time in transit will
be minimal. Is the PDF security model very secure and are there other
methods more secure?
>If you're talking about the transfer, this is what I propose:
>
>(a) store the PDFs below the site's root, so that it is inaccessible
>by typing in a URL.
>(b) write a script and store it above the site's root. The user will
>login and visit this page. The script will look up in the database
>all the files owned by the logged-in user and list them for the user
>to select. The script, after the user has clicked on a filename, will
>then grab the file from the filesystem and feed it to the browser,
>making sure to set the correct Content-Type header for the file.
>
>Is this the kind of thing you're looking for? If so, feel free to
>fire some questions my way, as I've done this sort of thing quite a
>few times in the past.
This is the kind of thing I'm looking for exactly as well. How difficult is
such an operation from the user's standpoint and for the designer/developer?
Peter Kaulback
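
The download script proposed in (a) and (b) above, as an added example that is not part of the original thread or either poster's code: it lists only the logged-in user's files, checks ownership again at download time, and refuses stored names that resolve outside the private directory. Python, SQLite, the `documents` table, the function names and the sample rows are all assumptions made for illustration.

```python
import sqlite3
import tempfile
from pathlib import Path

def list_documents(db, user_id):
    """Files owned by the logged-in user, for the selection page."""
    return db.execute("SELECT id, filename FROM documents WHERE owner_id = ?"
                      " ORDER BY id", (user_id,)).fetchall()

def fetch_document(db, storage_root, user_id, doc_id):
    """Return (status, headers, body); user_id comes from the server-side session."""
    # Ownership is part of the query, so another user's doc_id matches no row.
    row = db.execute("SELECT filename, stored_name FROM documents"
                     " WHERE id = ? AND owner_id = ?", (doc_id, user_id)).fetchone()
    if row is None:
        return 404, {}, b""  # same answer for "missing" and "not yours"
    filename, stored_name = row
    root = Path(storage_root).resolve()
    path = (root / stored_name).resolve()
    # Refuse a stored name that resolves outside the storage directory.
    if root not in path.parents or not path.is_file():
        return 404, {}, b""
    headers = {
        "Content-Type": "application/pdf",
        # filename is assumed to have been restricted to safe characters at upload
        "Content-Disposition": f'attachment; filename="{filename}"',
        "Cache-Control": "no-store",
    }
    return 200, headers, path.read_bytes()

def build_demo():
    """Constructed sample data: two users, one PDF each, and one bad row."""
    base = Path(tempfile.mkdtemp())
    root = base / "private_docs"  # stands in for a directory outside the web root
    root.mkdir()
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE documents (id INTEGER PRIMARY KEY, owner_id INTEGER,"
               " filename TEXT, stored_name TEXT)")
    db.executemany("INSERT INTO documents VALUES (?, ?, ?, ?)", [
        (1, 10, "statement-a.pdf", "a1.pdf"),
        (2, 20, "statement-b.pdf", "b2.pdf"),
        (3, 10, "bad.pdf", "../escape.pdf")])
    (root / "a1.pdf").write_bytes(b"%PDF-1.4 user 10")
    (root / "b2.pdf").write_bytes(b"%PDF-1.4 user 20")
    (base / "escape.pdf").write_bytes(b"outside the store")
    return db, root
```

The handler would sit behind the login step and an SSL-protected connection; neither is modelled here.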