sercurity issuses of transmitting seesion id

This is a multi-part message in MIME format.

------=_NextPart_000_0253_01C44A4F.F3B650A0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi,

I have read that some security experts question the use of session ids over=
the internet.

Is this really a practical problem?

Thanks,
regards=20
Paul


------=_NextPart_000_0253_01C44A4F.F3B650A0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Re: sercurity issuses of transmitting seesion id

Thanks chris,
nice .

regards,
paul.

----- Original Message -----
From: "Chris"
To: "'Paul Gimpelj'" ; "'pgsql-php'"

Sent: Sunday, June 06, 2004 8:32 PM
Subject: RE: [PHP] sercurity issuses of transmitting seesion id


> Hi Paul,
>
> If you only use session-id's for authentication then it'll be a problem.
>
> http://www.sitepoint.com/blog-post-view.php?id=156260
>
> has a bit more info about it and also some links to other articles that
> talk about session stuff..
>
> HTH.
>
> ------------
> Chris Smith
>
> Suite 30, 45-51 Huntley St, Alexandria, NSW 2015 Australia
>
> Ph: +61 2 9517 2505
> Fx: +61 2 9517 1915
>
> email: info@interspire.com
> web: www.interspire.com
>
>
>
> -----Original Message-----
> From: pgsql-php-owner@postgresql.org
> [mailto:pgsql-php-owner@postgresql.org] On Behalf Of Paul Gimpelj
> Sent: Saturday, June 05, 2004 6:21 AM
> To: pgsql-php
> Subject: [PHP] sercurity issuses of transmitting seesion id
>
>
> Hi,
>
> I have read that some security experts question the use of session ids
> over the internet.
>
> Is this really a practical problem?
>
> Thanks,
> regards
> Paul
>


---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster