Re: [OAUTH-WG] Invalidating access tokens

2010-03-04 Thread Eran Hammer-Lahav
I don't buy the argument that future security should be modelled after the broken security we have today.

EHL

On Mar 4, 2010, at 10:55, "David Recordon" wrote:

> Copying over a discussion from comments on my blog...
> http://daveman692.livejournal.com/349384.html?thread=1117640#t1117640
>
> M

Re: [OAUTH-WG] Invalidating access tokens

2010-03-04 Thread Brian Eaton
On Thu, Mar 4, 2010 at 10:55 AM, David Recordon wrote:

> Mart Atkins:
>> Doing short-lived access tokens in cleartext is not really any different to how most sites
>> handle sessions today. A short-lived access token isn't much different than a session key.

Yep. This is not an accident,

[OAUTH-WG] Invalidating access tokens

2010-03-04 Thread David Recordon
Copying over a discussion from comments on my blog...
http://daveman692.livejournal.com/349384.html?thread=1117640#t1117640

Mart Atkins:

> Doing short-lived access tokens in cleartext is not really any different to how most sites
> handle sessions today. A short-lived access token isn't much di