| http://www.w3.org/ns/prov#value | - point in the future, possibly after the file has been recreated.And while it might not be possible to change GET data without reauthentication, cookies and POST data *can* be changed.To protect against the first problem, the nonce can be made to include a timestamp, and a check added to ensure that nonces older than e.g. 30 minutes result in a new authentication request.
|
