Re: 3 Proposals: session ID, business-card auth, customer auth

-----BEGIN PGP SIGNED MESSAGE-----

In a previous episode...James Pitkow said:
- -> 
- -> I agree with you.  What I think we can balance these needs (this reached moderate
- -> consensus yesterday) by having browsers change session ids per site. 

Don't take this as an objection to the session-id concept (which I
regard as important for justifying investment of resources) but I do
see a potential abuse that I want considered beforehand.

Not a privacy abuse, but a philosophical abuse of the nature of the
web. 

As soon as it is possible to distinguish one session from another I
can guarantee the first thing (well maybe second thing after
incorporating it into existing stats programs, largely the intended
use) people will do is try and force the path of pages a session will
take. A common newbie request on comp.inofsystems.* is how to prevent
links to pages that aren't their home page. Session-ids can even
extend this idea to forcin an entire ordering of pages not just a
single front door.  People will try and force the web into a
heirarchical ordered structure instead of intermixed and web-like that
is much more conducive to sharing and extracting relevant
information. It could, in short, make the web only a tool for browsing
and not efficient indexed information retreival. (Not that it is now,
but it has the chance to be, and I think its closer now than with
session-ids)

- -Pat

- --
Patrick R. McManus	NYSERNet, Inc.		Information Services
http://pat.nyser.net/~mcmanus		Systems and Network Programming
Looking for a job? Over 100,000 positions on http://www.ajb.dni.us
* - You Kill Nostalgia, Xenophobic Fears. It's Now or Neverland. - *


(This is a complete non-sequitor but in reference to the earlier
library analogy about leaving a trail when you take out materials. In
general librarians abhor this aspect of modern circulation systems and
insist that no records be kept other than current outstanding
materials and a history of any lost or damaged items. This is just my
experience but is common practice as I understand it.)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMA2vbzt40Y2EitWtAQFF2wP/UIac81awNtdnAX1sm3ciS1bdM6gRGvAC
2LEwxhRj4ty0qxqYMMd7i8pYuWJwya8hvVAPL5vxQJAMO4qTiH1YCqqz8+YlyoLv
aXVENBa1chmM3kwMz7lGL3FOkT/YOCbpe2KYcFAhC3hnTjHfdtRwmX2cBm9iAvMi
zvTwsmzNSoM=
=yXFE
-----END PGP SIGNATURE-----

Received on Wednesday, 19 July 1995 21:25:41 UTC