Mon, 27 Sep 1999 08:35:33 -0400
I trust that the encoded 128 bit numbers are encoded on a per-client basis?
It appears to me that these capabilities are not secure. Any web walker can
find them and subsequently use them. They therefore appear to provide neither
caller authentication nor access control.
Perhaps I have misunderstood. If so, can you clarify?
Jonathan S. Shapiro, Ph. D.
IBM T.J. Watson Research Center
Phone: +1 914 784 7085 (Tieline: 863)
Fax: +1 914 784 7595