Cache Dependent Key/Encryption

From: A. Elamiri (abdellahDOTelamiriATclintonDOTedutNOSPAM)
Date: 04/19/04


Date: Mon, 19 Apr 2004 10:22:34 -0400

I would like to store some Role Information in a cookie since I cannot use
Session in the AuthenticateRequest method.

I thought of encrypting the cookie using Rijndael Algo. for provider. I
would generate a 16 character key store it as a Cached object and replace it
every 20-30 minutes, if the cookie data does not decrypt then simply reload
it because I would assume that key expired.

Is this a secure way of doing it?