Re: Session tracking

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: David Robinson: "Re: Strange problem with GMT on Solaris"
• Previous message: Jared Rhine: "Expires non-compliance"
• Maybe in reply to: Brian Behlendorf: "Session tracking"
• Next in thread: James Pitkow: "Re: Session tracking"

[The topic was session-tracking proposals, esp the proposed "Session-ID"
header.]

JP> 1) identify sessions (esp. from firewalled domains)
JP> [...]
JP> If the 'From:' field is widely used, you'd have what you wanted(1).

No, I don't believe so, because one of the stated requirements is that we be
able to identify sessions without compromising the identity of the user.

If this is the case, I fail to see how current HTTP practices allow for
session tracking as you claim:

JP> My point is that the protocol does not need to be changed to handle
JP> session(1) &/or user identification(2) - WWW browsers/interfaces need
JP> to pass the right information.

Elaborations?

-- 
Jared_Rhine@hmc.edu / HMC / <URL:http://www.hmc.edu/~jared/home>

"Remember: Once you pull the pin, Mr. Grenade is no longer your friend."
        -- Zippy the Pinhead

• Next message: David Robinson: "Re: Strange problem with GMT on Solaris"
• Previous message: Jared Rhine: "Expires non-compliance"
• Maybe in reply to: Brian Behlendorf: "Session tracking"
• Next in thread: James Pitkow: "Re: Session tracking"