RE: CFToken and CFID not secure for ecommerce

2001-12-07 Thread Dave Watts
> How would you do this on a solaris install? Stop the CF Server, edit the cf.registry file so that it has the new key and value, and restart CF. I haven't tried it on Solaris, but it's supposed to work there too. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 f

Re: CFToken and CFID not secure for ecommerce

2001-12-05 Thread Freddy
> > - Original Message - > From: "Ken Wilson" <[EMAIL PROTECTED]> > To: "CF-Talk" <[EMAIL PROTECTED]> > Sent: Tuesday, December 04, 2001 6:39 PM > Subject: RE: CFToken and CFID not secure for ecommerce > > > Yeah, probably wasn't

RE: CFToken and CFID not secure for ecommerce

2001-12-04 Thread Ken Wilson
> I'm not sure why it's not the default, either; > my guess is backward-compatibility. That would make sense. I've heard mention of needing to increase the DB field size to accomodate the extended length. I've always found (v4.5+ at least) that CF created fields of proper size even before making

RE: CFToken and CFID not secure for ecommerce

2001-12-04 Thread Dave Watts
> Yeah, probably wasn't fair to use that example without explaining > the background. Are you aware of any drawbacks to using this > rather than the default method? Seems like it should be setup that > way by default or at least should be configurable via the CFAdmin > given the ease of guessi

RE: CFToken and CFID not secure for ecommerce

2001-12-04 Thread Ken Wilson
You just have to create it. Works great. Ken -Original Message- From: Douglas Brown [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 04, 2001 9:51 PM To: CF-Talk Subject: Re: CFToken and CFID not secure for ecommerce Well you were able to modify the registry in CF 4.5.1 and use

Re: CFToken and CFID not secure for ecommerce

2001-12-04 Thread Douglas Brown
AIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Tuesday, December 04, 2001 6:39 PM Subject: RE: CFToken and CFID not secure for ecommerce > Yeah, probably wasn't fair to use that example without explaining the > background. Are you aware of any drawbacks to

RE: CFToken and CFID not secure for ecommerce

2001-12-04 Thread Ken Wilson
other method. Ken -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 04, 2001 9:27 PM To: CF-Talk Subject: RE: CFToken and CFID not secure for ecommerce > Hmmm, interesting comment. > > What I assume to be my SessionID from my current Amazon.

RE: CFToken and CFID not secure for ecommerce

2001-12-04 Thread Dave Watts
> Hmmm, interesting comment. > > What I assume to be my SessionID from my current Amazon.com > sessions: > > IE Session: 104-8981534-3506318 > NS6 Session: 102-524-0108134 > > CFTOKENs for my current sessions on my CF Server: > > IE Session: 3c154df-3b8b20b0-54b8-4cfa-8ebb-be0b2ac13e32

RE: CFToken and CFID not secure for ecommerce

2001-12-04 Thread Ken Wilson
Hmmm, interesting comment. What I assume to be my SessionID from my current Amazon.com sessions: IE Session: 104-8981534-3506318 NS6 Session: 102-524-0108134 CFTOKENs for my current sessions on my CF Server: IE Session: 3c154df-3b8b20b0-54b8-4cfa-8ebb-be0b2ac13e32 NS6 Session: 3e97129-0