W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Re: Introducing a Session header...

From: Martin J. Dürst <duerst@it.aoyama.ac.jp>
Date: Wed, 18 Jul 2012 10:16:13 +0900
Message-ID: <50060E5D.4020203@it.aoyama.ac.jp>
To: Ross Nicoll <jrn@jrn.me.uk>
CC: James M Snell <jasnell@gmail.com>, ietf-http-wg@w3.org
On 2012/07/18 8:08, Ross Nicoll wrote:

> I'd also be tempted to tighten the definition of a session identifier, to be
> a UUID. This may make backwards compatibility trickier, but I think would
> encourage use of difficult to guess identifiers by developers who may
> otherwise simply hand out sequence numbers, without knowing better.

Yes. Or simply stick the cookie dough into the Session header :-(.

Regards,   Martin.
Received on Wednesday, 18 July 2012 01:16:47 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 18 July 2012 01:16:53 GMT