WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

White paper: Authentication and Session Management on the Web

From: Paul Johnston <paul () westpoint ltd uk>
Date: Mon, 07 Feb 2005 12:39:19 +0000
Hi,

You may be interested in this paper I've written:

 http://www.westpoint.ltd.uk/advisories/Paul_Johnston_GSEC.pdf
The first ten pages or so are probably less interesting to readers of this list, but the latter part covers in detail all the attacks such as session fixation, CSRF, etc. 

Any constructive discussion is welcomed!

Paul

--
Paul Johnston, GSEC
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street,
Manchester, M1 5LN
England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: paul () westpoint ltd uk
web: www.westpoint.ltd.uk
Previous By Date Next
Previous By Thread Next

Current thread: