W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1995

Re: "Hits" pragma

From: Roy Fielding <fielding@beach.w3.org>
Date: Mon, 14 Aug 1995 17:11:56 -0400
Message-Id: <199508142111.RAA27909@beach.w3.org>
To: http wg discussion <http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com>
In regard to the proxy passing logfile info to servers, I do hope
people discussing these issues have looked at the Security section
of the HTTP spec.  Some of the suggestions would be a direct
violation of those recommendations.

Servers have a right to know

    # individuals
    # hits
    hit times
    domains serviced

per URL, but not e-mail addresses, machine names, or any other data
that could be used to identify an individual.  Referer data must also]
be optional.

Like Andrew mentioned, this is best done by passing a URL to the
origin server that tells it where it may retrieve a sanitized summary
of the data.

 ....Roy T. Fielding  Department of ICS, University of California, Irvine USA
                      Visiting Scholar, MIT/LCS + World-Wide Web Consortium
                      (fielding@w3.org)                (fielding@ics.uci.edu)
Received on Monday, 14 August 1995 14:13:03 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:24 EDT