W3C home > Mailing lists > Public > www-talk@w3.org > March to April 1995

Re: Shopping baskets (was: Session tracking)

From: Dmitry Mishin <ptitz@dux.ru>
Date: Thu, 27 Apr 1995 17:39:07 +0400 (MSD)
Message-Id: <199504271339.RAA04877@dux.ru>
To: www-talk@www10.w3.org
> 
> I don't think HTTP, with or without cookies, will ever be suitable for
> electronic shopping. In the physical world, products are scarce, and
> when one customer puts it in his basket, nobody else can get it
> anymore. You need not just a stateful protocol, but a permanent
> connection: if the customer leaves the shop without paying, then you
> can put the product back on the shelf. A magic cookie is like an
> indefinite claim: if the customer is allowed to take it home with him,
> you'll never know if he's planning to buy it eventually or not.

I think timeouts, when client have timeout error and need to
repeat operation, while server successfully complete this, is more 
dangerous. Formally one can use session-id or cookie for ignoring same 
operation from same client, but such protocol seems too weak for operations 
with money or something similar.  
 
D.
Received on Thursday, 27 April 1995 09:39:56 UTC

This archive was generated by hypermail 2.4.0 : Monday, 20 January 2020 16:08:16 UTC