Re: draft-ietf-http-state-mgmt-03.txt

Please look at RFC1123.

See section 4.1.2.4 (the QUOTE command), which is a MUST.

See also 6.1.4.2, (DNS user interface), 6.1.4.3 (DNS abbreviation
expansion), etc., etc.,

All of these concern themselves exclusively with how host software
forms protocol messages based on user input.  

6.1.4.3 seems quite analagous to cookies, since it places restrictions
on how much searching a resolver can do:

		 There is danger that a search-list mechanism will
                 generate excessive queries to the root servers while
                 testing whether user input is a complete domain name,
                 lacking a final period to mark it as complete.  A
                 search-list mechanism MUST have one of, and SHOULD have
                 both of, the following two provisions to prevent this:

                 (a)  The local resolver/name server can implement
                      caching  of negative responses (see Section
                      6.1.3.3).

                 (b)  The search list expander can require two or more
                      interior dots in a generated domain name before it
                      tries using the name in a query to non-local
                      domain servers, such as the root.

					- Bill

Received on Thursday, 1 August 1996 11:34:34 UTC