[Sugar-devel] [PATCH] webactivity: seed the XS cookie at startup

Martin Langhoff martin.langhoff at gmail.com
Fri Feb 13 05:51:02 EST 2009

Previous message: [Sugar-devel] [PATCH] webactivity: seed the XS cookie at startup
Next message: [Sugar-devel] buildbot failure in Sugar Labs Buildbot on GConf-dbus-Fedora10
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 13, 2009 at 7:07 AM, Carol Farlow Lerche <cafl at msbit.com> wrote:
> Martin, I want to understand what https traffic you are concerned will
> affect performance and caching.  As far as I understand the need for https,
> it would only be used infrequently, when reauthenticating to the server.
> I.e..:

What you describe was the plan B in my earlier postings. It first does
crypto, and then falls back to a totally MITM'able cleartext cookie.
So the crypto is just a lot of programming work for a tiny gain.

Previous message: [Sugar-devel] [PATCH] webactivity: seed the XS cookie at startup
Next message: [Sugar-devel] buildbot failure in Sugar Labs Buildbot on GConf-dbus-Fedora10
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Sugar-devel mailing list