> The framework, however, generally provides insecure cookies.
No I'm confused. First you said it doesn't make things like the
session-ID available, and I posted a URL to show otherwise. Now you're
saying it's available but insecure?
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
