And to extend it further, the SSP should provide the ability to list which domains are allowed to do third-party signing. Otherwise, if it is boolean switch, turning on the switch open you up to spoofing attacks.
Would there be enough room in 512 bytes to effectively do that? -- Arvel
Previous by Date: | Re: SSP outbound signing policy, Earl Hood |
---|---|
Next by Date: | Re: The cost of choices, Arvel Hathcock |
Previous by Thread: | Re: The cost of choices, Earl Hood |
Next by Thread: | Re: The cost of choices, Earl Hood |
Indexes: | [Date] [Thread] [Top] [All Lists] |