- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Fri, 19 Jul 2013 18:19:27 +0000
- To: Nico Williams <nico@cryptonector.com>
- cc: Mark Nottingham <mnot@mnot.net>, Sam Pullara <spullara@gmail.com>, James M Snell <jasnell@gmail.com>, Martin Thomson <martin.thomson@gmail.com>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
In message <CAK3OfOjSjPXZhA5TvTn8nuJgu9V_wGE81LRz5axfFuifjymj7w@mail.gmail.com> , Nico Williams writes: >I'm not sure how any session identifier would survive silly >anti-cookie regulations from the EU. A session ID is still a cookie. Read the actual regulation ? >I don't see how PRISM affects this either. If anything, keeping >session state on the server... only helps PRISM: more data to chomp on. It means that any random computer I use to access a given service is not polluted with bit-droppings saying I did so. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Friday, 19 July 2013 18:19:50 UTC