NAT'd IP's Re: [Seaside] Seaside session stealing

Philippe Marschall philippe.marschall at
Wed Apr 22 05:11:04 UTC 2009

2009/4/22 Nevin Pratt <nevin at>:
> Yes, but sometimes there's a "good enough" solution.  It depends on your
> security needs.
> On my Seaside site, all that a security breach reveals is the postal address
> of the person that got "breached".  No financial data is compromised.  And,
> if a person is sophisticated enough to sniff the packets, they are
> sophisticated enough to discover a person's postal address some other way
> anyway (for example, by looking through a local phone book).
> I don't know that SSL is needed for such a small security issue.

If you care about such issues, as you obviously do, use SSL.


More information about the seaside mailing list