- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Sun, 14 Jul 2013 12:34:47 +0000 (UTC)
- To: ietf-http-wg@w3.org
Willy Tarreau <w <at> 1wt.eu> writes: > A shard reference or session ID are two completely different things. A > session ID comes from one referential. A shard reference indicates what > referential to use. That's why a user-provided session ID cannot be used > as a shard reference and prevents from scaling. I *do* use cookies exactly > as you describe because it's the only way to scale, and have been doing so > for almost a decade now. In a cookie, you can indicate the DC, the server, > a location in a database, etc... Whatever you need to perform very fast > access. You simply can't do that by learning massive amounts of randoms > generated by clients. Then have the ID set by the server in answer to the first client request (and limit its size in the protocol so no one tries to push a cookie there) -- Nicolas Mailhot
Received on Sunday, 14 July 2013 12:35:26 UTC