Re: Re: Cookies at XML Europe 2004 -- Call forParticipation

Cart

XML Editor - Download a Free Trial >

See What's New >

Buy Now >

[Home] [By Thread] [By Date] [Recent Entries]

To: Rich Salz <rsalz@d...>
Subject: Re: Re: Cookies at XML Europe 2004 -- Call forParticipation
From: Elliotte Rusty Harold <elharo@m...>
Date: Thu, 8 Jan 2004 23:52:48 -0500
Cc: "xml-dev@l..." <xml-dev@l...>
In-reply-to: <Pine.LNX.4.44L0.0401082053220.6682-100000@s...>
References: <Pine.LNX.4.44L0.0401082053220.6682-100000@s...>

At 9:54 PM -0500 1/8/04, Rich Salz wrote:

>>  I don't see any equivalent action a
>>  client can take to protect themself against a cookie based attack.
>
>Make sure they always connect to the site with SSL.

No, the client can't choose that. The server has to make it 
available. If the server doesn't provide SSL access, there's nothing 
the client can do to enable SSL short of not connecting to the site. 
:-(
-- 

   Elliotte Rusty Harold
   elharo@m...
   Effective XML (Addison-Wesley, 2003)
   http://www.cafeconleche.org/books/effectivexml
   http://www.amazon.com/exec/obidos/ISBN%3D0321150406/ref%3Dnosim/cafeaulaitA

Follow-Ups:
- Re: Re: Cookies at XML Europe 2004 -- Call for Participation
  - From: Rich Salz <rsalz@d...>

References:
- Re: Re: Cookies at XML Europe 2004 -- Call for Participation
  - From: Rich Salz <rsalz@d...>

Prev by Date: Re: Re: Cookies at XML Europe 2004 -- Call for Participation
Next by Date: Re: wacky XML
Previous by thread: Re: Re: Cookies at XML Europe 2004 -- Call for Participation
Next by thread: Re: Re: Cookies at XML Europe 2004 -- Call for Participation
Index(es):
- Date
- Thread

XML Editor - Download a 15 Day Free Trial Now >

See What's New in Stylus Studio >

Buy Stylus Studio - XML Editor - Now >