On Wed, 27 Mar 1996 firstname.lastname@example.org wrote:
> >Firstly, I think there should be another identifier for authentication name
> >(like what is present in the CLFF). (I'm suprised there haven't been more
> >request along this line, other than the geographic business being talked
> >about earlier, no one has requested additional identifiers?)
> The problem here being how to define the manner in which the name is obtained.
> Some people are using cookies to abtain authentication names...
> It is an oversight though..
>  Representation of User name
> Not bright to log BASIC auth strings for this purpose
Can we broaden this a bit? I would vote for session ID over user name.
That provides a way to protect anonymity without losing session tracking.
The user name to session ID relationship could be preserved outside the
James Calloway, General Manager http://www.nando.net
Nando.net, a McClatchy New Media company
127 W. Hargett St., Suite 406, Raleigh, NC 27601-1351
Voice: (919) 836-2858 FAX: (919) 829-8924