Cookie Encyclopedia

We are in the process documenting the details of both good and bad client authentication schemes. You can already obtain most of this information from our tech report. Cleaner HTML will appear here.

Note that we have long since notified the sites with insecure schemes. Most have chosen to implement better or different schemes.

• Glossary of client authentication
• Predictable Session IDs
• Misuse of Cryptography
• Signing Ambiguous Messages
• Circumventing Password Authentication
• Setting the SSL only Flag

[Home]   [Publications]   [Cookie encyclopedia]   [Mailing list]   [FAQ]   [Contact us]

Join the Blue Ribbon Online Free Speech Campaign!