Re: gnatsweb/201: GNATS Web forces stored cookies rather than temp cookies.

[Aaron Yourk]

The following reply was made to PR gnatsweb/201; it has been noted by GNATS.

From: "Aaron Yourk" <address@hidden>
To: <address@hidden>,
        "Yngve Svendsen" <address@hidden>
Cc:  
Subject: Re: gnatsweb/201: GNATS Web forces stored cookies rather than  temp 
cookies.
Date: Sun, 17 Jun 2001 11:47:46 -0500

 I'm currently working on a way to have a little check box in the web page
 for Login so that stored cookies are optioinal.
 I think that this fits the bill better.  The only thing I can think of that
 would be good for the encryption of passwords is to (probably optionally)
 provide a method of logging in over a secure connection.  I realize that
 this implies that the person has to have a secure web server.  This is also
 something feasible over SSL.  There is such a thing as Secure cookies, which
 are basically cookies for secure web sites.
 
 ----- Original Message -----
 From: "Yngve Svendsen" <address@hidden>
 To: <address@hidden>; <address@hidden>
 Sent: Thursday, June 14, 2001 10:16 Am
 Subject: Re: gnatsweb/201: GNATS Web forces stored cookies rather than temp
 cookies.
 
 
 At 19:38 01.06.2001 +0000, address@hidden wrote:
 >GNATSweb forces the user to use permanent/stored cookies.
 >It could use temp cookies if the cookies didn't use an expiration
 >date/time.  A patch is provided below:
 
 Thanks for the patch. We do, however, want to keep using stored cookies
 since we want to preserve login data between sessions.
 
 I would, however, like to implement encryption of passwords stored in
 cookies. Any input as to how that could best be done would be appreciated.
 
 Yngve Svendsen
 Gnatsweb maintainer