[thelist] security on the server
Keith
cache at dowebs.com
Thu Jul 12 20:13:25 CDT 2001
> I have a client who wishes to have documents made available to
> their clientele for download from their server. These are
> confidential documents to be opened only by their respective
> owners.
Matt's given an excellent explaination of one of the commonly used
methods for delivering secure content to unique users. But since
you also say that the data needs to be transmitted to the end user
securely, you should also to be concerned with how your client will
get the files TO the server, securely. And that's a bit stickier
problem.
If files will be uploaded only once, or rarely, you're set. But If your
client will need to change files frequently, or change a lot of files
periodically, you'll probably want to use something other than the
browser's file upload feature. That one-file-at-a-time crap gets old
quick. The first and only time I built a secure delivery system that
relied on file upload to refresh the server the client bought it. Two
months later they paid twice as much to have someone rip it out
and put in a modern upload design.
keith
More information about the thelist
mailing list