[imp] imp_key cookie
Michael M Slusarz
slusarz at horde.org
Fri Jun 8 18:25:48 UTC 2012
Quoting Claude Tompers <claude.tompers at restena.lu>:
> I have a question concerning the imp_key cookie. Shouldn't it be
> renewed/regenerated on every login ?
Not necessarily. The only key that is important is the horde key,
since that controls the session information.
The imp key (or any application key) is used to encrypt information
within that application. It has nothing to do with session generation.
> Our showed that this was not the case and we suspect that this could
> lead to errors between Horde and the imap server if the cookie expires
> in a later session.
The imp_key cookie has nothing to do with session generation. It is
solely concerned with data encryption.
michael
___________________________________
Michael Slusarz [slusarz at horde.org]
More information about the imp
mailing list