> the cool thing about the MD5 hashing scheme is that any would-be hacker
> needs to know the fields you are hashing in order to have a chance at
> creating a like hash. so, if you use stuff transmitted in the clear (like
> username, sessionid, some bogus piece of info not used, and MD5 hash) as
> well as other stuff obtainable from the transaction (like user-agent,
> protocol, method, accept header) and combine some random form of these
> (along with a server-side-only secret) the hash should be reasonably secure.
> this is kind of how digest authentication works (except there the algorithm
> is published, so you know the parameters involved).

forgot to mention that you could also encrypt the entire thing in the cookie using something like Apache::Cookie::Encrypted, which uses blowfish or some other cypher. Apache::Cookie::Encrypted is pretty neat, except it doesn't do inheritance correctly so you can't subclass it, but it should prove as a good starting point for another effort...

--Geoff
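
The cookie ticket scheme discussed in the quoted message, as an added example that is not part of the original thread or anyone's posted code. It swaps in HMAC-SHA256 from Digest::SHA for a plain MD5 over the fields plus secret, so the ticket's safety rests on the server-side secret alone; the field layout, function names, secret and sample values are all constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Server-side-only secret. Constructed placeholder; load from protected config.
my $SECRET = 'constructed-demo-secret';

# Ticket layout (assumed): user:session:expires:mac, fields must not contain ':'.
# The MAC also covers the User-Agent, which comes from the request itself
# and is never stored in the cookie.
sub make_ticket {
    my ($user, $session, $expires, $agent) = @_;
    my $mac = hmac_sha256_hex(join("\0", $user, $session, $expires, $agent), $SECRET);
    return join(':', $user, $session, $expires, $mac);
}

# Compare two strings without stopping at the first differing byte.
sub constant_time_eq {
    my ($x, $y) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Returns the user name if the ticket is authentic and unexpired, else undef.
sub check_ticket {
    my ($ticket, $agent, $now) = @_;
    my ($user, $session, $expires, $mac) = split /:/, $ticket, 4;
    return undef unless defined $mac && $expires =~ /^\d+$/;
    my $want = hmac_sha256_hex(join("\0", $user, $session, $expires, $agent), $SECRET);
    return undef unless constant_time_eq($mac, $want);
    return undef if $expires < $now;
    return $user;
}

my $now    = 1_000_000_000;                 # constructed clock value
my $agent  = 'Mozilla/4.0 (constructed)';
my $ticket = make_ticket('geoff', 'abc123', $now + 3600, $agent);
(my $edited = $ticket) =~ s/^geoff/admin/;  # cookie with the user field changed

for my $case (
    [ 'valid',         $ticket, $agent,                 $now ],
    [ 'edited user',   $edited, $agent,                 $now ],
    [ 'other browser', $ticket, 'curl/7 (constructed)', $now ],
    [ 'expired',       $ticket, $agent,                 $now + 7200 ],
) {
    my ($label, @args) = @$case;
    printf "%-14s %s\n", $label, check_ticket(@args) // 'rejected';
}
```

Only the first case returns the user name. The MAC gives integrity, not confidentiality: the fields stay readable in the cookie, which is the gap the encrypted-cookie suggestion above addresses.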