On Fri, Aug 10, 2001, Tatsuhiko Miyagawa wrote:
> On Fri, 10 Aug 2001 14:40:13 +0200
> David Hajek <[EMAIL PROTECTED]> wrote:
>
> I see. You mean your session state is not stored on the database,
> but stored as encrypted text in session id itself.
Yes, and the problem is whether there is some good
algorithm, which will generate this kind of session
ids. Security is not main part of this solution, but
easy finding of these session ids is not desirable. ;)
--
David Hajek
[EMAIL PROTECTED] GSM: +420 604 352968
- Hackers of the world, unite!
