Two words:
AOL S***s
:-)
----- Original Message -----
From: Mike Sheldon <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 16, 2000 9:00 PM
Subject: RE: "You have nice cookies .. mind if I have a look?"
> >>As an added measure of security you
> can encrypt the cookie with the IP address as the key...<<
>
> If you're using the user's IP address, you'll likely get a surprise. Some
> proxy servers, most notably AOL's, will rotate through several IP
addresses
> in a single session. The worst I've seen so far was an AOL user who's
> requests came from 15 different IP addresses in 15 consecutive requests.
>
> Michael J. Sheldon
> Internet Applications Developer
> Phone: 480.699.1084
> http://www.desertraven.com/
> PGP Key Available on Request
>
> -----Original Message-----
> From: Howie Hamlin [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 16, 2000 17:49
> To: [EMAIL PROTECTED]
> Subject: Re: "You have nice cookies .. mind if I have a look?"
>
>
>
> ----- Original Message -----
> From: John Allred <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, May 16, 2000 8:33 PM
> Subject: Re: "You have nice cookies .. mind if I have a look?"
>
>
> > In the page submitted by Todd:
> > "The NY Times said it has rewritten its cookies code with stronger
> > encryption..."
> >
> > Certainly no one on this list would steal anyone's cookies <grin>, but I
> > didn't hear anyone mention the possibility of encrypting one's own
> > cookies to protect their contents. This is possible, isn't it?
> >
>
> Yes, but the safest thing to do is to keep the client "profile" on the
> server and only transmit the cookie. As an added measure of security you
> can encrypt the cookie with the IP address as the key...
>
> Howie
>
> > --John Allred
> >
> >
>
>
> --------------------------------------------------------------------------
--
> --
> Archives: http://www.eGroups.com/list/cf-talk
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
>
> --------------------------------------------------------------------------
----
> Archives: http://www.eGroups.com/list/cf-talk
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
