idnits 2.17.1 draft-pradeepkumarxplorer-httpuserinfo-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == It seems as if not all pages are separated by form feeds - found 0 form feeds but 3 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack a Security Considerations section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** There are 19 instances of too long lines in the document, the longest one being 28 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (Jul 21, 2018) is 2099 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 3 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 HTTP Pradeep Kumar Xplorer 2 Internet-Draft Ex-Sun Employee 3 Intended status: Standards Track Individual 4 Expires: Jan 21, 2019 Jul 21, 2018 6 Need for http user information from clients 7 draft-pradeepkumarxplorer-httpuserinfo-01 9 Abstract 11 This document describes the need for a switch on the webserver that allows 12 only authenticated users to access information. 14 Status of This Memo 16 This Internet-Draft is submitted in full conformance with the 17 provisions of BCP 78 and BCP 79. 19 Internet-Drafts are working documents of the Internet Engineering 20 Task Force (IETF). Note that other groups may also distribute 21 working documents as Internet-Drafts. The list of current Internet- 22 Drafts is at http://datatracker.ietf.org/drafts/current/. 24 Internet-Drafts are draft documents valid for a maximum of six months 25 and may be updated, replaced, or obsoleted by other documents at any 26 time. It is inappropriate to use Internet-Drafts as reference 27 material or to cite them other than as "work in progress." 29 This Internet-Draft will expire on Jan 21,2019. 31 Copyright Notice 33 Copyright (c) 2013 IETF Trust and the persons identified as the 34 document authors. All rights reserved. 36 This document is subject to BCP 78 and the IETF Trust's Legal 37 Provisions Relating to IETF Documents 38 (http://trustee.ietf.org/license-info) in effect on the date of 39 publication of this document. Please review these documents 40 carefully, as they describe your rights and restrictions with respect 41 to this document. Code Components extracted from this document must 42 include Simplified BSD License text as described in Section 4.e of 43 the Trust Legal Provisions and are provided without warranty as 44 described in the Simplified BSD License. 46 Table of Contents 47 1. Introduction ............................................... 2 48 2. Background ..................................................2 49 3. General Information of the service ..........................3 50 4. Authors Addresses ...........................................3 51 5. Acknowledgements ............................................3 53 1. Introduction 55 To have two classes of http users, authenticated with some user information 56 credentials other than IP address of machine used and location information and others 57 anonymous or unauthenticated without any user information and only IP address of machine 58 used and location information. 60 2. Background 61 RIght now as a WWW publisher i cannot program my website to say that only authenticated 62 users can view my website and anonymous users with just IP address and location information 63 should not be able to view my website 65 3. General Information of the service 67 Right now to hide sensitive or subscription based information i have to implement username 68 password restrictions in the website code i am publishing.I should be able to say that 69 only a HTTP client request that has in addition to location and IP address some User information 70 should be served information from my website. This user information can be queried using a 71 service similar to whois domainname.com to find out what is publicly available about the 72 browser of information.Right now a user from say Newyork can login to my website in Utah Create 73 fake user name and passwords and access information for free or for a usage fee. If i dont have 74 username password subscription services and all my information is available for free, then the 75 only guaranteed information i have about the user is IP address and location information. 77 4.Authors' Addresses 79 Pradeep Kumar Xplorer 80 EMail: pradeepan88@hotmail.com, pradeep@explodingmoon.org 81 URI: http://www.pradeepkumarxplorer.com 83 5.Acknowledgement