Sure you do a check out on the document and the system records on the Server the existence of the check out. Then you do a check in on the document and the server knows who has the document checked out. Either way cookies do not need and should not be a part of this standard. If a server needs to use cookies, for whatever reason, then it can use the cookie mechanisms already available, however it is am implementation specific need and does not fit into the general model of check in/check out. Yaron ---------- From: Christopher Seiwald[SMTP:seiwald@perforce.com] Sent: Friday, August 30, 1996 8:46 AM To: murray@sq.com; seiwald@perforce.com Cc: dgd@cs.bu.edu; ejw@ics.uci.edu; w3c-dist-auth@w3.org; www-vers-wg@ics.uci.edu Subject: Re: Seiwald Q & A -- "GET for EDIT" cookies Much has floated around about this that I mean to answer, but for now Murray has posted the most straightforward inquiry. | From: Murray Maloney <murray@sq.com> | Subject: Re: Seiwald Q & A -- "GET for EDIT" cookies | | When a user "checks out" a document for editing, | the revision contrl system "should" record who it | is that is checking out the document so that when | the same user attempts to "check in" the document | there is a mechanism to say "Hey, remember me? I am | checking in the document that I previously checked out | for editing. Here it is." The RCS can verify that it is | the same user that is recorded and proceed, or reject | the action if it is not the same user. | Very close, except I'm not asserting that the revision control system _should_ record anything when a user starts to edit a document. Instead, I say that there are many systems that _do_ record something, and that HTTP _should_ cart around a token ("or cookie" ) of this recorded information. For something like RCS or CVS, the cookie might be only a name and rev of the document. For Clearcase or Perforce, the cookie might be an inscrutable pointer to info in its database. For less version-stringent systems, there may be no cookie at all. | Christopher is asserting that a "cookie" is the best, | if not the only, way to manage the session. Perhaps there is another way? Christopher