Re: CGI/1.0: last call

Tony Sanders <sanders@bsdi.com>

Mail folder: WWW Talk Oct 93-present
Next message: Tony Sanders: "Re: International Document Server Support "
Previous message: Lou Montulli: "Re: RFC: Multi-Owner Maintenance robot (MOMspider)"
Reply: jern@spaceaix.jhuapl.edu: "Re: CGI/1.0: last call"

Errors-To: sanders@bsdi.com
Errors-To: sanders@bsdi.com
Message-id: <199312061758.LAA05294@austin.BSDI.COM>
To: jern@spaceaix.jhuapl.edu
Cc: robm@ncsa.uiuc.edu (Rob McCool), www-talk@nxoc01.cern.ch
Subject: Re: CGI/1.0: last call 
In-Reply-To: jern@spaceaix.jhuapl.edu's message of Mon, 06 Dec 1993 08:56:01 EST.
Errors-To: sanders@bsdi.com
Reply-To: www-talk@nxoc01.cern.ch
Organization: Berkeley Software Design, Inc.
Date: Mon, 06 Dec 1993 11:58:41 -0600
From: Tony Sanders <sanders@bsdi.com>

bobj  <jern@spaceaix.jhuapl.edu> writes:
> Authentication must be the responsibility of the script writer.  While

Authentication must be the responsibility of the server.  If you want to
easily extend the possible authentication schemes then define a spec for
authentication scripts, but they should remain seperate from normal scripts,
which should not have to deal with authentication, that would be a HUGE
security hole.

--sanders