Encryption keys for cookies and https

R

Randall Parker

Some basic security questions:

1) Is there any difference in the sort of encryption keys needed for encrypted
cookies versus for https connections?

2) Does one need encrypted cookies for people who log on to a site using forms
authentication?
 
D

Daniel Fisher\(lennybacon\)

Http-encryption (SSL/HTTPS) uses certificats. cookie do not.

The FormsAuthentication cookies value is an encrypted ticket.

Cheers,
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Beginner's Guide to getting CipherSweet working with PDO and MYSQL 1
Cookie encryption? 7
Generating and Saving Keys for AES Encryption. 2
m2crypto https, xmlrpc, and cookies 0
servlet + login + cookies+ https 15
Forms Authentication and Cookies 2
Create Forms Authentication Ticket with Machine Keys 1
HOW TO: store keys? 0

Members online

Total: 21 (members: 1, guests: 20)
Robots: 336

Forum statistics

Threads
473,755
Messages
2,569,536
Members
45,011
Latest member
AjaUqq1950

Latest Threads

Top