Opaque from Mike Cowlishaw on 1995-04-27 (ietf-http-wg@w3.org from April to June 1995)

From: Mike Cowlishaw <mfc@vnet.ibm.com>
Date: Thu, 27 Apr 95 18:51:09 BST
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Cc: dmk@allegra.att.com
Message-Id: <9504271802.AA09325@hplb.hpl.hp.com>

(Continuing after power-cut .. apologies for duplicated first sentences!)

> Dave Kristol wrote:
> I have to disagree:
> 1) Only a few headers need opaque.  We're not burdening all, or anywhere
> close to all, of them.
Of course, but once one header adds a special opaque field then
everyone who 'owns' a header will add their own, too, citing the
precedent.  I'm looking long-term, here, and seeing (from bitter
experience) the thin edge of a combinatorial wedge, where every header
has every possible combination of attribute from every other header.

> 2) It's a nuisance for the server to have to collate information from
> two different headers.
Not really.  Most servers have to handle several headers already
(Last-Modified-Since, Content-Type, Content-Length, etc.)  Assuming
there's a reasonable internal lookup-by-name routine, it's no more
expensive to look up a separate header than to look up a field within
a header.

>                         In particular, if Opaque: has pieces that are
> labeled for different other headers (if I understand what you're
> proposing), then a server must, for example, parse both the Session-ID
> and Opaque headers to figure out what's going on.  It's much simpler to
> keep all the information together and parse a single header.
You're right for special-case parsing code, but that doesn't work, long
term, or help much if you're asking a script-writer to handle new
headers.

> If you're assuming that there's a relationship between the value of
> Opaque for Session-ID and the value for WWW-Authenticate, I think
> you're wrong:  I don't think they have any connection.  Certainly
> there's no obligatory connection.
I think the value of Opaque -- due to its generality -- rather outweighs
its value for either of those specific uses.  At present, I'm adding
hidden fields in fake forms in documents (which have no forms otherwise)
simply to achieve the Opaque effect.  I'd much rather do that at the HTTP
level, where it belongs.

Mike Cowlishaw

Received on Thursday, 27 April 1995 11:10:37 UTC