Penetration Testing mailing list archives

[PEN-TEST] HTTP Secure Session State Management

From: Mark Curphey <mark () CURPHEY COM>
Date: Fri, 22 Dec 2000 16:43:37 -0800

Apart from RFC 2965 (cookies) what other methods are available to developers
to manage sessions securely; i.e. authenticate each session in a transaction
?

Is a decorated URL  a better option ?

Current thread:

[PEN-TEST] HTTP Secure Session State Management Mark Curphey (Dec 23)
- Re: [PEN-TEST] HTTP Secure Session State Management van der Kooij, Hugo (Dec 23)
  - Re: [PEN-TEST] HTTP Secure Session State Management Mark Curphey (Dec 26)
    - Re: [PEN-TEST] HTTP Secure Session State Management van der Kooij, Hugo (Dec 26)
    - Re: [PEN-TEST] HTTP Secure Session State Management Mark Curphey (Dec 27)
    - Re: [PEN-TEST] HTTP Secure Session State Management Anonymous (Dec 27)
    - Re: [PEN-TEST] HTTP Secure Session State Management Olle Segerdahl (Dec 27)
    - Re: [PEN-TEST] HTTP Secure Session State Management Robert van der Meulen (Dec 27)
    - Re: [PEN-TEST] HTTP Secure Session State Management Bennett Todd (Dec 27)
  - Re: [PEN-TEST] HTTP Secure Session State Management Philip Stoev (Dec 26)
    - Re: [PEN-TEST] HTTP Secure Session State Management Thomas Reinke (Dec 26)

(Thread continues...)