http://qs321.pair.com?node_id=780995


in reply to collecting sensitive data

What is the most secure way of getting this data to the client?
If you are asking for the transport layer: it is HTTPS, do not even think of doing it in any other way (email, various encodings, home-made encryption, ...)

But that is only a (small) part of your whole can of worms: once the data is with the client, the *real* problems begin. If you let them, the data will end up in the clear on a lap-top with the master-password on a Post-It tacked to the screen and the laptop on the backseat of an open-topped car in the parking lot of the local mall.

CountZero

"A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James