Displaying 1 result from an estimated 1 matches for "br1tn3ysp34rs".
2005 Mar 06
8
Session ids and identification
Hi all,
AFAIK, session ids are generated and given to a user side as a cookie or
whatever so that we may later "identify" a user and their previous
authentication by that id. But this is not secure! It doesn''t matter if
we use https or "secure cookies" or some other crap. It doesn''t matter.
As soon as you trust the client to provide you with valid data, you