php.lv forums

Documents/tutorials on PHP and web application security



Weaning the Web off of Session Cookies: Making Digest Authentication Viable, by Timothy D. Morgan


In this paper, we compare the security weaknesses and usability limitations of both cookie-based session management and HTTP digest authentication; demonstrating how digest authentication is clearly the more secure system in practice. We propose several small changes in browser behavior and HTTP standards that will make HTTP authentication schemes, such as digest authentication, a viable option in future application development.


An interesting topic, which is especially relevant precisely because of the growth of the "clouds":

Host-proof Hosting is also described in more detail here: Host-proof applications: doing it wrong, and an example of such an application is described here: cryp.sr - a minimal host-proof cryptographic textpad. The application itself: http://cryp.sr/ A host-proof cryptographic text pad.


Those who liked "Stateless session cookies" will like this ;)
