- From: Dave Kristol <dmk@allegra.att.com>
- Date: Tue, 7 May 96 11:19:40 EDT
- To: phantom@baymoo.sfsu.edu
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Rich Connamacher <phantom@baymoo.sfsu.edu> wrote: > Another addition to the authentication scheme I would like to see would > be for an invisible tagging of a password with each request, to make it > easier for the server to keep track of individual guest users who don't > have a username and password. It would work like the following: > > WWW-authenticate: Tagged realm=foo,authentication=bar > > then, the client should, within the realm foo, use 'bar' as its > authorization credentials. This is functionally equivalent to Netscape's cookie scheme, a derivative of which is being standardized as an HTTP "state management" proposal. For the current set of documents, see http://www.research.att.com/~dmk/cookie.html. Dave Kristol
Received on Tuesday, 7 May 1996 08:39:01 UTC