-> Wow! I'm dumbfounded by this whole conversation! I thought session -> backends were something innane enough that we could agree on them! I -> have the same use cases as Geoffrey. No, cookies are not a good -> replacement for sessions since you have to validate them everytime you -> use them. You can't trust them unless you encrypt and sign them, and -> I wasn't aware that that many people were doing that. Neither is -> relying on a cookie to time out sufficient to control a session -> timeout. Clients lie. Perhaps I have much to learn. I'm going to -> sit back and just read :-/
(What he said ;) --titus _______________________________________________ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: http://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
