On Fri, Jan 07, 2011 at 12:37:55PM -0600, Aaron McCaleb wrote: > Actually, Best Practices are certainly related but Best Practices != > Design Patterns. > > A best practice is a guideline drawn from combined experiences. > > A best practice might be something like, "Avoid unencrypted > transmission of authentication credentials."
[SNIP] > > I suppose it might be argued that design patterns are an alternative > or supplementary expression of best practices, but they still are > distinctly different in the way they are applied. > Actually, when documented and described correctly, a best practice is, in fact, a generalization. For instance, instead of saying "Avoid unencrypted transmission of authentication credentials" or even "Use single-sign on," a best practice along these lines would be something like "Secure Authentication Methods" as a document that would then go into concerns to address and consider, including those risks and security issues that could effect particular implementations - regardless of technical details. Avoiding sending things unencrypted is a fairly detailed specification that is a small piece of authentication best practices. So, properly done, design patterns as applied to best practices really are just using an OO model for the traditional functional model normally used to define best practices. But we digress... :) -- Jesse Trucks, GCUX jtru...@lopsa.org Director, LOPSA http://lopsa.org _______________________________________________ Discuss mailing list Discuss@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
