| 
|
Quote: for authentication cookies, use expiration data, data, and message digest; use session ID for sensitive data; use SSL to counter eavesdroppers
topics >
all references >
references e-f >
Topic:
authentication
Topic:
one-way hash function
Quotation Skeleton
The recipe for our cookie follows easily … We create an unforgeable authenticator that includes an … The value of this cookie is shown here: … [t] … is expressed as seconds past 1970 GMT. The … [p. 260] The value s may be any information … if sensitive data is needed, we recommend that … [p. 261] [Unless a secure channel such as SSL is used, an eavesdropper can replay unexpired authenticators.] Google-1 Google-2
Copyright clearance needed for quotation.
Topic: authentication (87 items)
Topic: one-way hash function (23 items)