Re: Opaque

"Mike Cowlishaw" <mfc@VNET.IBM.COM> said:
  > > Dave Kristol wrote:
  > > But you might want a separate Opaque: value for each of Session-ID
  > > and WWW-Authenticate:.  Better to leave them as attributes of a
  > > particular header, IMO.
  > It's certainly true that one could have an 'opaque' field defined,
  > usefully, for almost any kind of header (different languages, for
  > example, or different dates, or modified by dates, or dependent on
  > URI, and so on).
  > But it's over-heavy to define these as sub-fields of every kind of
  > header, rather than sub-classes of opaque data (if the latter really
  > are needed).

I have to disagree:
1) Only a few headers need opaque.  We're not burdening all, or anywhere
close to all, of them.

2) It's a nuisance for the server to have to collate information from
two different headers.  In particular, if Opaque: has pieces that are
labeled for different other headers (if I understand what you're
proposing), then a server must, for example, parse both the Session-ID
and Opaque headers to figure out what's going on.  It's much simpler to
keep all the information together and parse a single header.

If you're assuming that there's a relationship between the value of
Opaque for Session-ID and the value for WWW-Authenticate, I think
you're wrong:  I don't think they have any connection.  Certainly
there's no obligatory connection.

Dave Kristol

Received on Thursday, 27 April 1995 09:45:21 UTC