Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:96166
Return-Path: <yohgaki@ohgaki.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 5819 invoked from network); 26 Sep 2016 23:05:37 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 26 Sep 2016 23:05:37 -0000
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@ohgaki.net; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=yohgaki@ohgaki.net; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain ohgaki.net designates 180.42.98.130 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@ohgaki.net
X-Host-Fingerprint: 180.42.98.130 ns1.es-i.jp  
Received: from [180.42.98.130] ([180.42.98.130:50414] helo=es-i.jp)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id BD/D5-04248-FB9A9E75 for <internals@lists.php.net>; Mon, 26 Sep 2016 19:05:37 -0400
Received: (qmail 101779 invoked by uid 89); 26 Sep 2016 23:05:31 -0000
Received: from unknown (HELO mail-qk0-f173.google.com) (yohgaki@ohgaki.net@209.85.220.173)
  by 0 with ESMTPA; 26 Sep 2016 23:05:31 -0000
Received: by mail-qk0-f173.google.com with SMTP id n185so186399539qke.1
        for <internals@lists.php.net>; Mon, 26 Sep 2016 16:05:30 -0700 (PDT)
X-Gm-Message-State: AA6/9Rm01YwIvbcp6R1gLxDqWgJ8VCVwKwmYLpu0vECw6W3XEshHqvugM38xkTppztqhxV5bAwwsqb4hPSYIHw==
X-Received: by 10.55.145.197 with SMTP id t188mr24290475qkd.233.1474931125154;
 Mon, 26 Sep 2016 16:05:25 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.84.168 with HTTP; Mon, 26 Sep 2016 16:04:44 -0700 (PDT)
In-Reply-To: <CAGa2bXYQweCOE4G7P-rr1-VyN7Vj36NcOL9MXZaoN=xqeN1ptg@mail.gmail.com>
References: <CAGa2bXaX1eZS=_Xg3JjCVZRBSruMy6yUk-PTrKoGOwW5Tg=0_Q@mail.gmail.com>
 <c90779f0-0034-b3fc-e2fe-e19503a196ce@gmail.com> <CAGa2bXYQweCOE4G7P-rr1-VyN7Vj36NcOL9MXZaoN=xqeN1ptg@mail.gmail.com>
Date: Tue, 27 Sep 2016 08:04:44 +0900
X-Gmail-Original-Message-ID: <CAGa2bXbSZBG15xVsLkf-F9LYe_sB0AFRaEeTNifFWSqJgJ6FqQ@mail.gmail.com>
Message-ID: <CAGa2bXbSZBG15xVsLkf-F9LYe_sB0AFRaEeTNifFWSqJgJ6FqQ@mail.gmail.com>
To: Stanislav Malyshev <smalyshev@gmail.com>
Cc: "internals@lists.php.net" <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Subject: Re: [PHP-DEV] Fixing halfway implemented session management -
 timestamp based session management OR remove session_regenerate_id()
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

On Tue, Sep 27, 2016 at 7:52 AM, Yasuo Ohgaki <yohgaki@ohgaki.net> wrote:
> So you do not think timestamp based session management is not
> mandatory. Then how do you accomplish securing session data?

Sorry, above sentence should be

So you think timestamp based session management is not
mandatory. Then how do you accomplish securing session data?

--
Yasuo Ohgaki
yohgaki@ohgaki.net