Subject:
|
Re: Web interface cancels (was Re: Let's define what an auction announcement/update is)
|
Newsgroups:
|
lugnet.admin.general
|
Date:
|
Tue, 28 Nov 2000 18:47:59 GMT
|
Viewed:
|
246 times
|
| |
| |
In lugnet.admin.general, David Eaton writes:
> I guess the problem is authentication? Hmm...
> - cookie based (would only really work for members)
> - name & email pair on a form (EASILY manipulable, insecure)
> - automated 'bot accepting 'cancel' emails from verified email accounts
> (wouldn't work for people w/ spamblock?)
> - IP based (bad for ISPs, but good for short-term cancelling?)
I think it could be cookie based (he said, while simulteneously knowing nothing
about cookies). After all, posting identity is cookie based, is it not?
Do we really need to worry about "rogue cancellers" cancelling all kinds of
Lugnet posts via the web any more than we need to worry about identity fraud in
posting via the web? The security for both would be the same, essentially.
eric
|
|
Message has 2 Replies:
Message is in Reply To:
10 Messages in This Thread:
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|