> And you understand that authentication and session tracking are two > different things? Definitely I do. But it's also true that both of them are closely related. A session without a user may be termed as anonymous session while one with authentication performed may be a named-session. They are dfiferent, but closely related. Anyway... I may sound Mr Beans but I have some situations (a combination of these) as given below: 1. Cookies banned. Even if you enable cookies on your machine, the proxy does not allow the "Cookie" / "Set-Cookie" header to be passed on. 2. I am viewing a simple html page. I agree, I can have home hidden fields to look for the sticky session-ID in form parameter. Granted a relieve. 3. I am viewing a secret page, say, Secret.PDF => I cannot have a hidden field in my PDF. Or I have secret movie - CIA-Secret-Mission.mpg How do I track the session in this case - without a cookie! Is there any option current available? -- Cheers, Gaurav Vaish http://www.mastergaurav.org http://mastergaurav.blogspot.com -------------------------------- _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf