Howie Hamlin wrote:
>
> Yes, but the safest thing to do is to keep the client "profile" on the
> server and only transmit the cookie. As an added measure of security you
> can encrypt the cookie with the IP address as the key...
It just seems like the web is constantly adapting itself to new
information and new challenges. I agree with someone earlier (and with,
Doh! Microsoft) that no sensitive information should be stored in
cookies. However, encrypting whatever you do store and announcing that
fact (assuming this became a trend among developers), would sure take
the wind out of the sails of the muddled media, which seems to thrive on
manufactured crises in the web world. It's sort of akin to the privacy
statement many sites have where they promise not to share personal info
or e-mail addresses with anyone else.
--John
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
