RE: Revised Charter
M. Hedlund (hedlund@best.com)
Wed, 1 Nov 1995 13:40:19 -0700
At 2:06 PM 11/1/95, Beth Frank wrote (quoting Shel):
>> The list looks pretty good to me, but I'd also like to see the following
>> on it:
>>
>> - state management (for example, the state-info proposal by Dave Kristol)
><Rest of Shel's message cut>
>
>I'd like to second the addition of state management. Our initial development
>plans for sessions (or state) included support of Netscape's cookie, however
>I've been informed by someone who watches www-talk much more closely than I do,
>that there is some debate over whether the Netscape implementation is the way
>it should be handled.
I certainly agree that state-info should be in there, and I _very_ strongly
agree that Dave Kristol's proposal is a far superior implementation to
cookies. Most of my complaints with the cookie proposal have to do with
privacy, which has been discussed at length on www-talk. A number of
cookie implementations have had serious privacy problems; and I have yet to
see an implementation that gives the user any clue as to what the hell it's
doing.
Since Dave's proposal makes very reasonable efforts to reduce no-caching,
and since the whole proposal makes session-munged URLs unnecessary, this
issue falls well within the scope of Shel's closing statement:
>I also think this group shouldn't do one more single thing until
>all issues related to caching are completely nailed down.
[Back to Beth:]
>If the group can come to some agreement on how sessions and states should be
>handled, we'll implement it (on the server side) early '96.
That would be great. Any server supporting CGI can be made to use
State-info through scripts, so if clients start recognizing it, the rest of
the implementation can be done pretty quickly.
M. Hedlund <hedlund@best.com>