[rt-users] Coockie problems with proxies
Jesse
jesse at fsck.com
Fri Apr 7 12:13:35 EDT 2000
On Fri, Apr 07, 2000 at 11:36:13AM -0400, Bill Sommerfeld wrote:
> If you want security, don't trust the source IP address.. an attacker
> trying to steal a session may be coming through the same proxy as the
> victim...
>
> Instead, use SSL ..
> - Bill
*nod* The goal of the current password hashing was to do something
that would be "slightly" better than http-basic. In production,
SSL is something that you can depend on.
--
jesse reed vincent -- jrvincent at wesleyan.edu -- jesse at fsck.com
pgp keyprint: 50 41 9C 03 D0 BC BC C8 2C B9 77 26 6F E1 EB 91
--------------------------------------------------------------
They'll take my private key when they pry it from my cold dead fingers!
More information about the rt-users
mailing list