W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > July to September 1996

Re: Seiwald Q & A -- "GET for EDIT" cookies

From: Christopher Seiwald <seiwald@perforce.com>
Date: Fri, 30 Aug 1996 08:46:11 -0700
Message-Id: <199608301546.IAA18428@spice.perforce.com>
To: murray@sq.com, seiwald@perforce.com
Cc: dgd@cs.bu.edu, ejw@ics.uci.edu, w3c-dist-auth@w3.org, www-vers-wg@ics.uci.edu
Much has floated around about this that I mean to answer, but for
now Murray has posted the most straightforward inquiry.

| From: Murray Maloney <murray@sq.com>
| Subject: Re: Seiwald Q & A -- "GET for EDIT" cookies
|
| When a user "checks out" a document for editing,
| the revision contrl system "should" record who it
| is that is checking out the document so that when
| the same user attempts to "check in" the document
| there is a mechanism to say "Hey, remember me? I am
| checking in the document that I previously checked out
| for editing. Here it is." The RCS can verify that it is
| the same user that is recorded and proceed, or reject
| the action if it is not the same user.
|

Very close, except I'm not asserting that the revision control system
_should_ record anything when a user starts to edit a document.  Instead,
I say that there are many systems that _do_ record something, and that
HTTP _should_ cart around a token ("or cookie" ) of this recorded
information.

For something like RCS or CVS, the cookie might be only a name and rev
of the document.  For Clearcase or Perforce, the cookie might be an
inscrutable pointer to info in its database.  For less version-stringent
systems, there may be no cookie at all.

| Christopher is asserting that a "cookie" is the best,
| if not the only, way to manage the session.

Perhaps there is another way?

Christopher
Received on Friday, 30 August 1996 11:48:17 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:40 GMT