Ricardo SIGNES wrote: > Is your objection just that you don't want me storing anything in your > browser's cookie jar that isn't plaintext or a serial number? Also, I'd like to make that point that a good unique session id (like one generated form mod_unique_id) will be indistinguishable from some encrypted data or some data structure. They need to be Base64 encoded (or similar) to be used in HTTP headers anyway, so it's all plain text. -- Michael Peters Plus Three, LP ##### CGI::Application community mailing list ################ ## ## ## To unsubscribe, or change your message delivery options, ## ## visit: http://www.erlbaum.net/mailman/listinfo/cgiapp ## ## ## ## Web archive: http://www.erlbaum.net/pipermail/cgiapp/ ## ## Wiki: http://cgiapp.erlbaum.net/ ## ## ## ################################################################
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.