Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

session id and security concerns #173

Closed
fandrei opened this Issue Jul 5, 2012 · 3 comments

Comments

Projects
None yet
3 participants
Contributor

fandrei commented Jul 5, 2012

Currently the latency recorder uses CIAPI session id to identify AppMetrics reporting session as well. The problem is that CIAPI session id is sensitive information and potentially can be sniffed.
What about using something else instead?

Contributor

fandrei commented Jul 5, 2012

PS I'd prefer to make it configurable, the same as ApiClient.AppKey

@ghost ghost assigned mrdavidlaing Jul 5, 2012

Contributor

bitpusher commented Jul 6, 2012

session id removed from metrics reporting. alternate identifier TBD

@bitpusher bitpusher closed this Jul 6, 2012

@fandrei fandrei reopened this Jul 9, 2012

Contributor

fandrei commented Jul 9, 2012

My suggestion: add MetricsSession property and initialize it from constructor parameter, the same way as AppKey

@ghost ghost assigned bitpusher Jul 9, 2012

@bitpusher bitpusher closed this Jul 17, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment