W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1995

Re: making progress on State-Info

From: M. Hedlund <hedlund@best.com>
Date: Fri, 8 Dec 1995 17:11:10 -0700
Message-Id: <v02120d02acee7d48b117@[]>
To: Shel Kaphan <sjk@amazon.com>, Koen Holtman <koen@win.tue.nl>
Cc: Dave Kristol <dmk@allegra.att.com>, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, montulli@mozilla.com, eric@spyglass.com
At 4:52 PM 12/8/95, Shel Kaphan wrote:
>Whether there is consensus (of any texture) for it or not, I think the
>reasonable thing to do under the circumstances is to compare it
>critically to the Netscape Cookie Proposal

See <URL:http://www.ics.uci.edu/pub/ietf/http/hypermail/1995q4/0161.html>
for a comparison on privacy issues.  I don't think there's any valid
comparison between the two other than: 'state-info:' addresses privacy, and
'cookie:' does not.[1]

Lou's objection was that it would be impractical to store all shopping
basket information in one header.  I disagreed (as an implementor of
several shopping-basket type applications) and others did as well.  I
suggested that if Lou felt this was a serious concern, perhaps we could add
the cookie proposal's concept of "path" to state-info.  Koen objected that
"path" was only a minor improvement.  Lou, would the addition of "path"
overcome your objections to 'state-info:'?  If not, what would?

M. Hedlund <hedlund@best.com>

[1]  My favorite quote on the issue:
        "Currently, when you first use the Netscape program,
        a message is sent to our server in Mountain View, and
        we retrieve what we call the Magic Cookie, and this
        Magic Cookie uniquely identifies you.  The second
        time you run our program, our central system checks
        if we have received that Magic Cookie before."
                -Jim Clark, _The Red Herring_, Nov. 95, p. 70
Received on Friday, 8 December 1995 17:11:36 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:15 UTC