W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Re: Introducing a Session header...

From: Martin Thomson <martin.thomson@gmail.com>
Date: Tue, 17 Jul 2012 16:21:16 -0700
Message-ID: <CABkgnnUfHDB6fzyydM3StZiusu-AB+Y0bDT6tjhwTkHNs+Bb+w@mail.gmail.com>
To: James M Snell <jasnell@gmail.com>
Cc: ietf-http-wg@w3.org
On 17 July 2012 15:48, James M Snell <jasnell@gmail.com> wrote:
> In several of the ongoing discussions there has been mention of the need for
> a Session header to replace the use of Cookies for basic session management.

Just because everyone does it and wants it, it doesn't mean that it is
suddenly a good idea.

It might end up being a necessary idea, but don't mistake necessary
for good or for compatible with the architecture of HTTP.  If
something like this happens, the goal should be to minimize
crappiness.

All this looks like so far is a constrained syntax Cookie, which is
far less useful than a Cookie and so I see no reason for it to be used
over a Cookie, which you will have to support anyway...

--Martin
Received on Tuesday, 17 July 2012 23:21:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 17 July 2012 23:21:50 GMT