3 Oct
2000
3 Oct
'00
11:24 a.m.
i.e. it is secure if the key *is* the data, rather than a key to the data.
Can you explain? I do not see what you're getting at.
Consider how the tree-tag stores its 'session' data. Its impossible to hijack a tree-tag session because the 'session' state is stored by the client (in the URL) in full. There are other differences between this type of session and the CoreSessionTrackingProposal; but the advantages are not all one way.