W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2013

Re: HTTP router point-of-view concerns

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Sat, 13 Jul 2013 23:40:19 +0100
Message-ID: <51E1D753.8080807@cs.tcd.ie>
To: Yoav Nir <ynir@checkpoint.com>
CC: Poul-Henning Kamp <phk@phk.freebsd.dk>, Mark Nottingham <mnot@mnot.net>, Sam Pullara <spullara@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>

Its a bit of a moot point I guess but...

On 07/13/2013 09:24 PM, Yoav Nir wrote:
> allow it to persist for as long as you want

I've always been amused that HTTP needs to be able to
manage state for decades. It'd be truly impressive if
a browser really managed state that lasts far longer
than the h/w on either side and probably also longer
than any piece of n/w kit in between.

If HTTP/2.0 were to impose an upper bound on cookie
lifetime of say, a session, that'd be good IMO. But I
guess that probably would be out of charter, even if
it'd be a good thing, as it'd break stuff. OTOH, it'd
arguably be a good thing to leave such stuff behind when
moving to HTTP/2.0.

Anyway, unless there's a groundswell of wg opinion that
cookies that expire in years are plain stupid and are
just not doing HTTP state management, I'll probably
shut up about it.

S.

PS: Yes, I know that forcing all cookies to be session
cookies would not be a panacea. Doesn't mean it wouldn't
be a good thing though.
Received on Saturday, 13 July 2013 22:40:46 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:14 UTC