Re: Session tracking

Jared Rhine (
Wed, 10 May 1995 03:18:13 +0500

[Citation date: Fri, 21 Apr 1995 19:31:52 +0500]
JP == James Pitkow <>

[The topic was session-tracking proposals, esp the proposed "Session-ID"

JP> 1) identify sessions (esp. from firewalled domains)
JP> [...]
JP> If the 'From:' field is widely used, you'd have what you wanted(1).

No, I don't believe so, because one of the stated requirements is that we be
able to identify sessions without compromising the identity of the user.

If this is the case, I fail to see how current HTTP practices allow for
session tracking as you claim:

JP> My point is that the protocol does not need to be changed to handle
JP> session(1) &/or user identification(2) - WWW browsers/interfaces need
JP> to pass the right information.


-- / HMC / <URL:>

"Remember: Once you pull the pin, Mr. Grenade is no longer your friend." -- Zippy the Pinhead