- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Wed, 22 Jun 2011 06:23:08 +0000
- To: Willy Tarreau <w@1wt.eu>
- cc: Mark Nottingham <mnot@mnot.net>, httpbis Group <ietf-http-wg@w3.org>
In message <20110622060021.GE18843@1wt.eu>, Willy Tarreau writes: >As we discussed one month ago on this subject, shouldn't we recommend even >smaller sizes ? I agree for four reasons: 1. Storing information in cookies are by definition unsafe and a privacy problem. Cookies should primarily be used for anonymous nonces which index server side storage. 2. Transmission and bandwidth waste. 3. Cookies represent inverse economics: It's the webserver which controls their size, but the client pays for the bandwidth. 4. This is not a cookie: http://forums.techarena.in/off-topic-chat/1055039.htm Poul-Henning -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Wednesday, 22 June 2011 06:23:33 UTC