Re: Proposal for two new authentication schemes...

Rich Connamacher <> wrote:
  > Another addition to the authentication scheme I would like to see would 
  > be for an invisible tagging of a password with each request, to make it 
  > easier for the server to keep track of individual guest users who don't 
  > have a username and password.  It would work like the following:
  > WWW-authenticate: Tagged realm=foo,authentication=bar
  > then, the client should, within the realm foo, use 'bar' as its 
  > authorization credentials.

This is functionally equivalent to Netscape's cookie scheme, a
derivative of which is being standardized as an HTTP "state management"
proposal.  For the current set of documents, see

Dave Kristol

Received on Tuesday, 7 May 1996 08:39:01 UTC