[Mediawiki-l] How to let people stay logged in
gary.kirk at gmail.com
Thu Oct 26 15:56:04 UTC 2006
Ah, thanks :)
On 10/26/06, Rick DeNatale <rick.denatale at gmail.com> wrote:
> On 10/25/06, Gary Kirk <gary.kirk at gmail.com> wrote:
> > That kind of defeats the point of using HTTPS, no?
> I don't see how.
> HTTPS is a transport level protocol which does several things:
> 1) It encrypts traffic between the client and server
> 2) It uses a certificate to authenticate the server so the client
> knows who it's talking to.
> 3) It optionally uses a client-certificate to authenticate the client
> machine to the server.
> #3 is not often used.
> Persistent cookies don't defeat https, since they are part of the
> protocol at the application level.
> Rick DeNatale
> My blog on Ruby
> IPMS/USA Region 12 Coordinator
> Visit the Project Mercury Wiki Site
> MediaWiki-l mailing list
> MediaWiki-l at Wikimedia.org
More information about the MediaWiki-l