Florian Zumbiehl scripsit: > I am not sure I understand what you mean--you never can protect against a > client that doesn't want to protect the session, they always could just > publish the session key, or the decrypted data, or whatever. The protection > should always focus on third parties that try to undermine the security.
There is a difference between a malicious client designed to harm the user, and a merely ignorant client that thinks it's doing the Right Thing but isn't. It's the second kind of client that we need to defend against. -- John Cowan http://www.ccil.org/~cowan [email protected] Today an interactive brochure website, tomorrow a global content management system that leverages collective synergy to drive "outside of the box" thinking and formulate key objectives into a win-win game plan with a quality-driven approach that focuses on empowering key players to drive-up their core competencies and increase expectations with an all-around initiative to drive up the bottom-line. --Alex Papadimoulis _______________________________________________ Chicken-users mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/chicken-users
