In regard to the proxy passing logfile info to servers, I do hope people discussing these issues have looked at the Security section of the HTTP spec. Some of the suggestions would be a direct violation of those recommendations. Servers have a right to know # individuals # hits hit times domains serviced per URL, but not e-mail addresses, machine names, or any other data that could be used to identify an individual. Referer data must also] be optional. Like Andrew mentioned, this is best done by passing a URL to the origin server that tells it where it may retrieve a sanitized summary of the data. ....Roy T. Fielding Department of ICS, University of California, Irvine USA Visiting Scholar, MIT/LCS + World-Wide Web Consortium (fielding@w3.org) (fielding@ics.uci.edu)Received on Monday, 14 August 1995 14:13:03 EDT
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:24 EDT