Does ActionController::Session::CookieStore really default to using SHA1? SHA1 is "not recommended for new projects"
-
-
@bascule wikipedia sez sha1 is good for verifying data integrity, bad for security — seems like cookies only need the former. am I wrong? -
@markov_twain cryptographic best practices would suggest upgrading at this point
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.