On Dec 13, 2007, at 4:49 PM, Ben Bangert wrote:
I'd like some additional testing of the cookie-only sessions now present in the latest Beaker tip, if anyone is up for giving it a run. I've put up a page with more details here:http://wiki.pylonshq.com/display/beaker/Cookie-Only+Sessions
I've updated the cookie-based sessions based on crypto recommendations to now use 256-bit AES-CTR with a 256-bit SHA HMAC, which is extremely secure according to several experts I've consulted. Unfortunately, that has upped the requirement that cookie-based sessions do require the PyCrypto package to be installed.
Cheers, Ben
smime.p7s
Description: S/MIME cryptographic signature
