- From: Dave Kristol <dmk@allegra.att.com>
- Date: Thu, 27 Apr 95 12:34:22 EDT
- To: mfc@vnet.ibm.com
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
"Mike Cowlishaw" <mfc@VNET.IBM.COM> said: > > Dave Kristol wrote: > > But you might want a separate Opaque: value for each of Session-ID > > and WWW-Authenticate:. Better to leave them as attributes of a > > particular header, IMO. > > It's certainly true that one could have an 'opaque' field defined, > usefully, for almost any kind of header (different languages, for > example, or different dates, or modified by dates, or dependent on > URI, and so on). > > But it's over-heavy to define these as sub-fields of every kind of > header, rather than sub-classes of opaque data (if the latter really > are needed). I have to disagree: 1) Only a few headers need opaque. We're not burdening all, or anywhere close to all, of them. 2) It's a nuisance for the server to have to collate information from two different headers. In particular, if Opaque: has pieces that are labeled for different other headers (if I understand what you're proposing), then a server must, for example, parse both the Session-ID and Opaque headers to figure out what's going on. It's much simpler to keep all the information together and parse a single header. If you're assuming that there's a relationship between the value of Opaque for Session-ID and the value for WWW-Authenticate, I think you're wrong: I don't think they have any connection. Certainly there's no obligatory connection. Dave Kristol
Received on Thursday, 27 April 1995 09:45:21 UTC