- From: Nico Williams <nico@cryptonector.com>
- Date: Fri, 19 Jul 2013 11:54:56 -0500
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: Mark Nottingham <mnot@mnot.net>, Sam Pullara <spullara@gmail.com>, James M Snell <jasnell@gmail.com>, Martin Thomson <martin.thomson@gmail.com>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
On Fri, Jul 12, 2013 at 6:44 AM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > I have given a concrete example multiple times, it's very simple: So you think all session state should always be stored on the server, period? It's hard to disagree, but I was under the impression that many services need to be stateless (storing session state in encrypted cookies) for various reasons. The assumption being made by the WG that per-connection compression state is no biggie bothers me. I think it's a huge deal, but it does go hand in hand with an assumption that all session state is to be stored by the server, which makes sense to me. Is there consensus for such assumptions? Nico --
Received on Friday, 19 July 2013 16:55:25 UTC