On Thu, 27 Apr 2000, Marc Slemko wrote: > Cookies are not secure and will never be secure. They may be "good > enough", and you may not have much choice, but they are still simply not > secure when you put everything together. Can you be more specific about why you say that? If I set an encrypted, short-lived cookie upon validated authentication, why is that any less secure than any of the other approaches you mentioned? - nick
- Security in displaying arbitrary HTML Jeremy Howard
- Re: Security in displaying arbitrary HTML Marc Slemko
- Re: Security in displaying arbitrary HTML Nick Tonkin
- Re: Security in displaying arbitrary HTML Marc Slemko
- Re: Security in displaying arbitrary HTML Steven Champeon
- Re: Security in displaying arbitrary... Vivek Khera
- Re: Security in displaying arbit... Steven Champeon
- Re: Security in displaying arbit... Marc Slemko
- Re: Security in displaying arbit... Matt Sergeant
- Re: Security in displaying a... Dirk Lutzebaeck
- Re: Security in displaying a... Dirk Lutzebaeck
- RE: Security in displaying a... Gerald Richter
- RE: Security in displaying a... Matt Sergeant
