Re: [Zope-dev] CoreSessionTracking proposal

[Dieter Maurer]

Chris McDonough writes:
 > The random element of the token is currently five characters.  I may
 > need to "up" this.  The secure cookie requirement is already reflected
 > in the use cases and in the current implementation.  Anybody have any
 > other bright ideas about how to make session tokens harder to guess?

Hash them as GUF does.


Dieter

_______________________________________________
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )