Updated concept and added a section about cookie vs token

gberaudo committed Dec 11, 2015

Add idea about using referer to prevent CSRF

gberaudo committed Nov 6, 2015

Add questions following discussion with Stéphane

gberaudo committed Oct 20, 2015

Update following today discussion

gberaudo committed Oct 20, 2015

Clarify why we will go with master key.

gberaudo committed Oct 19, 2015

init

Tobias Sauerwein committed Oct 9, 2015