[Prev][Next][Index][Thread]

Re: http://www.w3.org/pub/WWW/TR/WD-logfile.html



On Wed, 27 Mar 1996 hallam@zorch.w3.org wrote:

> >Firstly, I think there should be another identifier for authentication name
> >(like what is present in the CLFF).  (I'm suprised there haven't been more
> >request along this line, other than the geographic business being talked
> >about earlier, no one has requested additional identifiers?)
> 
> The problem here being how to define the manner in which the name is obtained.
> Some people are using cookies to abtain authentication names...
> 
> It is an oversight though..
> 
> [1010] Representation of User name 
>     Not bright to log BASIC auth strings for this purpose 

Can we broaden this a bit? I would vote for session ID over user name. 
That provides a way to protect anonymity without losing session tracking. 
The user name to session ID relationship could be preserved outside the 
access log.


James Calloway, General Manager                     http://www.nando.net
Nando.net, a McClatchy New Media company
127 W. Hargett St., Suite 406, Raleigh, NC 27601-1351
Voice: (919) 836-2858  FAX: (919) 829-8924


Follow-Ups: References: