NAT'd IP's Re: [Seaside] Seaside session stealing
Philippe Marschall
philippe.marschall at gmail.com
Wed Apr 22 05:11:04 UTC 2009
2009/4/22 Nevin Pratt <nevin at bountifulbaby.com>:
> Yes, but sometimes there's a "good enough" solution. It depends on your
> security needs.
>
> On my Seaside site, all that a security breach reveals is the postal address
> of the person that got "breached". No financial data is compromised. And,
> if a person is sophisticated enough to sniff the packets, they are
> sophisticated enough to discover a person's postal address some other way
> anyway (for example, by looking through a local phone book).
>
> I don't know that SSL is needed for such a small security issue.
If you care about such issues, as you obviously do, use SSL.
Cheers
Philippe
More information about the seaside
mailing list