
@ewbarnard
Last active June 5, 2016 19:40
Using Encryption in PHP
WHAT CHANGED: TITLE AND DESCRIPTION
Title: Using Encryption in PHP
Level: All
Duration: 50 minutes including 10 for questions
Description:
Using encryption sounds simple. It is! The trouble is that encryption is
extremely difficult to get right. In fact it's a great way to grab news
headlines when you get it spectacularly wrong.
This talk focuses on two basic concepts you need to understand when getting
PHP's encryption to work in your application: obtaining randomness, and
encrypting/decrypting a string with cryptographic checksum.
I include an extensive curated PHP security reading list with explanations.
Additional Information:
1. This talk is based on my upcoming article in July 2016 php[architect]
https://www.phparch.com/magazine/ (not yet published)
2. Platform experience: I am a new PHP speaker. However, I used to teach Cray
Supercomputer operating system internals (assembly and octal) as Senior
Instructor for Cray Research Software Training.
3. Twitter: @ewbarnard
To whomever reviews this gist: My sincere thanks.
@chrisseaton

Initial response on seeing the title 'Implementing Encryption' was 'wow that's a bad idea'.

I then saw your comment about what so easily goes wrong. But then you talk about how to actually do it. So I'm left confused. Shouldn't the talk simply be 'don't do that'?

@wenz

wenz commented Jun 5, 2016

I find the proposal exciting, but still have a few suggestions:

  1. As Chris wrote, find a better title

  2. Maybe also mention in the title that you are talking about PHP

  3. Most session proposals consist of one or two paragraphs (even if they are longer). I think you have too many.

  4. Cut the last two paragraphs, they add little value and seem out of place ("Virtually ... encryption/decryption." and "I ... explanations").

I hope that was helpful!
