[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Let's talk about HTTPS Everywhere



In <pan.2011.01.21.12.44.32@gmail.com>, Camaleón wrote:
>Using cookies for tracking/
>identifying the user's session can be replaced with another methods or
>can require additional security measures for verifying the authenticity
>of the client.

Do you have a concrete proposal that is simpler than using HTTPS?

Keep in mind that IPs don't identify users -- proxies and reverse proxies mess 
that up.  Keep in mind that it is difficult to serialize requests; users that 
are fans of multiple tabs and/or windows may have requests that overlap or 
interleave with other requests.
-- 
Boyd Stephen Smith Jr.                   ,= ,-_-. =.
bss@iguanasuicide.net                   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy         `-'(. .)`-'
http://iguanasuicide.net/                    \_/

Attachment: signature.asc
Description: This is a digitally signed message part.


Reply to: