Quoting Claude Tompers <[email protected]>:
I have a question concerning the imp_key cookie. Shouldn't it be renewed/regenerated on every login ?
Not necessarily. The only key that is important is the horde key, since that controls the session information.
The imp key (or any application key) is used to encrypt information within that application. It has nothing to do with session generation.
Our showed that this was not the case and we suspect that this could lead to errors between Horde and the imap server if the cookie expires in a later session.
The imp_key cookie has nothing to do with session generation. It is solely concerned with data encryption.
michael ___________________________________ Michael Slusarz [[email protected]] -- imp mailing list Frequently Asked Questions: http://wiki.horde.org/FAQ To unsubscribe, mail: [email protected]
