Re: Re: Cookies at XML Europe 2004 -- Call for Participation

Cart

XML Editor - Download a Free Trial >

See What's New >

Buy Now >

[Home] [By Thread] [By Date] [Recent Entries]

To: Alaric B Snell <alaric@a...>
Subject: Re: Re: Cookies at XML Europe 2004 -- Call for Participation
From: Rich Salz <rsalz@d...>
Date: Thu, 08 Jan 2004 13:12:54 -0500
Cc: xml-dev@l...
In-reply-to: <3FFD7817.509@a...>
References: <20040108000125.GI31886@m...> <Pine.LNX.4.44L0.0401072052010.11874-100000@s...> <20040108115451.GP31886@m...> <3FFD4836.4000705@a...> <p06010202bc230c579249@[192.168.254.4]> <3FFD7817.509@a...>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4b) Gecko/20030507

Alaric B Snell wrote:
> I came across a page that reminded me of another downside to HTTP auth - 
> there's no way for the server to cancel the session if it believes the 
> session might be compromised

The HTTP RFC actually calls this out in the security considerations 
section.  RFC 2616, section 15.6.  The words there are not encouraging.
	/r$
-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html

References:
- Re: Re: Cookies at XML Europe 2004 -- Call for Participation
  - From: John Cowan <cowan@m...>
- Re: Re: Cookies at XML Europe 2004 -- Call for Participation
  - From: Rich Salz <rsalz@d...>
- Re: Re: Cookies at XML Europe 2004 -- Call for Participation
  - From: John Cowan <cowan@m...>
- Re: Re: Cookies at XML Europe 2004 -- Call for Participation
  - From: Alaric B Snell <alaric@a...>
- Re: Re: Cookies at XML Europe 2004 -- Call forParticipation
  - From: Elliotte Rusty Harold <elharo@m...>
- Re: Re: Cookies at XML Europe 2004 -- Call for Participation
  - From: Alaric B Snell <alaric@a...>

Prev by Date: Re: Re: Cookies at XML Europe 2004 -- Call for Participation
Next by Date: Re: Why is xml:base a URI *reference*?
Previous by thread: Re: Re: Cookies at XML Europe 2004 -- Call for Participation
Next by thread: Re: Re: Cookies at XML Europe 2004 -- Call for Participation
Index(es):
- Date
- Thread

XML Editor - Download a 15 Day Free Trial Now >

See What's New in Stylus Studio >

Buy Stylus Studio - XML Editor - Now >