Re: Session tracking

Jared Rhine (Jared_Rhine@hmc.edu)
Wed, 10 May 1995 03:18:13 +0500


[Citation date: Fri, 21 Apr 1995 19:31:52 +0500]
JP == James Pitkow <pitkow@cc.gatech.edu>

[The topic was session-tracking proposals, esp the proposed "Session-ID"
header.]

JP> 1) identify sessions (esp. from firewalled domains)
JP> [...]
JP> If the 'From:' field is widely used, you'd have what you wanted(1).

No, I don't believe so, because one of the stated requirements is that we be
able to identify sessions without compromising the identity of the user.

If this is the case, I fail to see how current HTTP practices allow for
session tracking as you claim:

JP> My point is that the protocol does not need to be changed to handle
JP> session(1) &/or user identification(2) - WWW browsers/interfaces need
JP> to pass the right information.

Elaborations?

-- 
Jared_Rhine@hmc.edu / HMC / <URL:http://www.hmc.edu/~jared/home>

"Remember: Once you pull the pin, Mr. Grenade is no longer your friend." -- Zippy the Pinhead