Yes, that was not one of the smartest comments i have ever posted, I was trying to come up with a solution for getting around having to send cookies through ssl to make them secure. But my solution was not very thought out.
>Dave, > That is one of the scariest things I ever read :) > Heath - If I am reading this correctly, encrypting the cookie >doesn't matter. They can just get your encrypted cookie and use it >as is, they do not need to unencrypt it. > > > >>Thanks Dave, >> >>Do you think encrypting the cookie values would be acceptable way of >>securing the session? >> >>Heath ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:313038 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
