no email ()
Wed, 9 Feb 1994 22:00:48 --100
According to Archie Warnock:
> So Rob McCool sez to me:
> > I think we need to change this section to read that From: is to be used for
> > logging purposes only, and strike the mention of insecure form of access
> > protection and the section on the person given accepting responsibility for
> > the method performed. The only access protection this would provide is
> > applicable in such a limited context that the information in From: is not
> > useful for more than logging information anyway.
> I agree. I'm much more interested in clients that can (eventually)
> encrypt a paassword field in a document and send it to the server for
> validation than in ever suggesting that the From: field could be used
> for some sort of access control. OTOH, I'd just love to have the server
> log that information - there are a number of cases where we could make
> use of user name information in our summary stats.
Which, if any, clients currently support the From: header?
John Franks Dept of Math. Northwestern University