Dieter Maurer wrote: > > Chris McDonough writes: > > The random element of the token is currently five characters. I may > > need to "up" this. The secure cookie requirement is already reflected > > in the use cases and in the current implementation. Anybody have any > > other bright ideas about how to make session tokens harder to guess? > > Hash them as GUF does. I will consider this... -- Chris McDonough Digital Creations, Publishers of Zope http://www.zope.org _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
- [Zope-dev] Re: CoreSessionTracking proposal Chris McDonough
- [Zope-dev] Re: CoreSessionTracking proposal Dieter Maurer
- Re: [Zope-dev] Re: CoreSessionTracking proposal Chris McDonough
- Re: [Zope-dev] Re: CoreSessionTracking propos... Chris McDonough
- Re: [Zope-dev] CoreSessionTracking proposal Phillip J. Eby
- Re: [Zope-dev] CoreSessionTracking proposal Chris McDonough
- Re: [Zope-dev] CoreSessionTracking proposal Phillip J. Eby
- Re: [Zope-dev] CoreSessionTracking proposal Chris McDonough
- Re: [Zope-dev] CoreSessionTracking proposal Chris McDonough
- Re: [Zope-dev] CoreSessionTracking proposal Dieter Maurer
- Re: [Zope-dev] CoreSessionTracking proposal Chris McDonough
- Re: [Zope-dev] CoreSessionTracking proposal Dieter Maurer
- Re: [Zope-dev] CoreSessionTracking proposal Chris McDonough