W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

RE: REAUTHENTICATION REQUIRED

From: David W. Morris <dwm@xpasc.com>
Date: Mon, 24 Nov 1997 10:07:33 -0800 (PST)
To: Paul Leach <paulle@microsoft.com>
Cc: 'http-wg' <http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com>, 'Jim Gettys' <jg@w3.org>, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <Pine.GSO.3.96.971124100502.14815E-100000@shell1.aimnet.com>
My point is that the server HAS NO WAY to perform a timeout on its own
without someform of state tracking.  By providing a timeout to the
client, the server doesn't need to introduce some other form of
state management.

On Mon, 24 Nov 1997, Paul Leach wrote:

> How the server does it's timeout is completely up to it, or more precisely,
> up to the application that uses the server.
> 
> As far as I can tell, the people who want this have quite well formed ideas
> as to how long the timeout should be, so we don't need to include
> guidelines.
> 
> As to the second suggestion, which I'll call  "2xx Logout", I'm agnostic,
> and await more WG feedback.
Received on Monday, 24 November 1997 10:14:11 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:04 EDT