Because you don't have full control over the session cookie since it is generated by PHP. For an authentication cookie you want to layer other application-specific checks on top of it.
Could you give an example of such checks? -- Stanislav Malyshev, Zend Products Engineer [EMAIL PROTECTED] http://www.zend.com/ -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
