- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Thu, 19 Jul 2012 20:48:01 +0000
- To: Philippe Mougin <pmougin@acm.org>
- cc: HTTP Working Group <ietf-http-wg@w3.org>, James Snell <jasnell@gmail.com>
In message <DA91A72D-BD1E-4E7F-9C7C-5DC0DFD6C000@acm.org>, Philippe Mougin writ es: >- HTTP was designed with the idea that there is no application state >(i.e., session state) stored on the server. This provides a number of >architectural benefits. That might have been the idea, but it is certainly not the (only) practice today. In fact, many appearantly server state-less sites, uses load-balancers to direct the client to the same server all the time, in order to benefit from database and VM caching of ... session-relevant state. I think that HTTP/2.0 should serve all relevant contemporary and future needs, and be less concerned about what ideas somebody had or didn't have 20 years ago. And after all, nobody is proposing that HTTP/2.0 make the server state-less model impossible to implement. I won't claim that the original idea could not have survived as the sole model, but if so, cookies should have been killed as a concept before it became the festing pile of state-poo they have become. The fact the EU has felt it necessary to legislate what cookies can contain and what they can be used for, should not be overlooked here. HTTP/2.0 can and will be scrutinized in Bxl for compliance with EU privacy and cookie directives. Being proactive might pay off. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Thursday, 19 July 2012 20:49:35 UTC