WebApp Sec mailing list archives
Re: Innocent Code Prize for Best Post on WebAppSec
From: "Sverre H. Huseby" <shh () thathost com>
Date: Sat, 13 Mar 2004 18:14:53 +0100
This is a reply to Mark Curphey's post [1] on 2004-02-16. In case you didn't see it: For a few weeks I give a copy of my book [2] to authors of webappsec-posts I like (not that I think they need it, but anyway... :) ). Amit Klein is the author of the paper "Divide and Conquer: HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics" [3], which was announced [4] to this mailing list on 2004-03-04. Undoubtably, extensive research was performed in order to write this paper. It's one of the most interesting pieces of text I've read in a long time, and I admire people who are able to do this kind of scientific research. He even manages to explain the results in an understandable way. Hats off! A book would have been in the (snail)mail if Amit had answered my E-mail. Sverre. 1 <200402161618.LAA20125 () arkroyal cnchost com> http://www.securityfocus.com/archive/107/353996/2004-02-12/2004-02-18/0 2 http://innocentcode.thathost.com/ 3 http://www.sanctuminc.com/pdf/whitepaper_httpresponse.pdf 4 <4047719E.8070607 () sanctuminc com> http://www.securityfocus.com/archive/107/356389/2004-03-03/2004-03-09/0 -- shh () thathost com My web security book: Innocent Code http://shh.thathost.com/ http://innocentcode.thathost.com/
Current thread:
- Innocent Code Prize for Best Post on WebAppSec Mark Curphey (Feb 16)
- Re: Innocent Code Prize for Best Post on WebAppSec Sverre H. Huseby (Mar 01)
- Re: Innocent Code Prize for Best Post on WebAppSec Sverre H. Huseby (Mar 13)
- Re: Innocent Code Prize for Best Post on WebAppSec Sverre H. Huseby (Mar 25)