[Mediawiki-l] How to let people stay logged in
rick.denatale at gmail.com
Thu Oct 26 15:47:43 UTC 2006
On 10/25/06, Gary Kirk <gary.kirk at gmail.com> wrote:
> That kind of defeats the point of using HTTPS, no?
I don't see how.
HTTPS is a transport level protocol which does several things:
1) It encrypts traffic between the client and server
2) It uses a certificate to authenticate the server so the client
knows who it's talking to.
3) It optionally uses a client-certificate to authenticate the client
machine to the server.
#3 is not often used.
Persistent cookies don't defeat https, since they are part of the
protocol at the application level.
My blog on Ruby
IPMS/USA Region 12 Coordinator
Visit the Project Mercury Wiki Site
More information about the MediaWiki-l