> The framework, however, generally provides insecure cookies.

No I'm confused.  First you said it doesn't make things like the
session-ID available, and I posted a URL to show otherwise.  Now you're
saying it's available but insecure?
        /r$
--
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to