W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1996

Re: Proposal for two new authentication schemes...

From: Dave Kristol <dmk@allegra.att.com>
Date: Tue, 7 May 96 11:19:40 EDT
Message-Id: <9605071519.AA20981@aleatory.tempo.att.com>
To: phantom@baymoo.sfsu.edu
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Rich Connamacher <phantom@baymoo.sfsu.edu> wrote:
  > Another addition to the authentication scheme I would like to see would 
  > be for an invisible tagging of a password with each request, to make it 
  > easier for the server to keep track of individual guest users who don't 
  > have a username and password.  It would work like the following:
  > 
  > WWW-authenticate: Tagged realm=foo,authentication=bar
  > 
  > then, the client should, within the realm foo, use 'bar' as its 
  > authorization credentials.

This is functionally equivalent to Netscape's cookie scheme, a
derivative of which is being standardized as an HTTP "state management"
proposal.  For the current set of documents, see
http://www.research.att.com/~dmk/cookie.html.

Dave Kristol
Received on Tuesday, 7 May 1996 08:39:01 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:59 EDT