-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ok, quick update, I've done a basic assessment of the additional
security impact of global session cookies and some mitigration strategies:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iEYEARECAAYFAkgD438ACgkQwRnhpk1wk47oUACghElFHwRpQptz6j+rBe9GqW2N
TEoAoKJaE304uPI2NX1sQp0C2khOf0R8
=cBb+
-----END PGP SIGNATURE-----