[EMAIL PROTECTED]:
Thilo Planz wrote:
> Everything you send or receive via https is encryted.
> This even includes the HTTP headers, which is why name-based virtual
> hosting does not work with https.
Thanks for your reply. :-)
Okay.
> Depending on how paranoid you are you can also set the "se
On Wednesday, October 15, 2003, at 02:49 AM, David Christensen wrote:
..
1.) Establish an SSL connection
2.) Require the user to indentify himself (username and password)
3.) Check against some kind of user database
4.) Create a unique session ID number which can not easily guessed
by other
[EMAIL PROTECTED]:
Bär, Sebastian wrote:
> Most session tracking software use the same approach:
Thanks for the reply. :-)
> 1.) Establish an SSL connection
> 2.) Require the user to indentify himself (username and password)
> 3.) Check against some kind of user database
> 4.) Create a unique
Hi David.
Most session tracking software use the same approach:
1.) Establish an SSL connection
2.) Require the user to indentify himself (username and password)
3.) Check against some kind of user database
4.) Create a unique session ID number which can not easily guessed
by others
5.) Store
hello, world!
I'm working on an e-commerce site using Apache 1.3.26, Perl 5.6,
CGI::Application, HTML::Template, and CGI::FormBuilder. I need to
provide secure user login/logout, profiles, financial pages, etc.. For
starters, I plan to use https for sensitive pages. After that, I'm not
sure whi
