Re: Session-ID proposal

David Morris ([email protected])
Sun, 20 Aug 1995 17:38:17 -0700 (PDT)


I must have missed something ... if I build an application which needs
session like control, I have a real hard time believing that I would
find any intermediate caching (as in proxy) acceptable. Providing a
mechanism where any arbitrary user could retrieve information cached
from a session-id based connection seems like an unnecessary exposure
of semi-private information.

On Mon, 14 Aug 1995, Jim Seidman wrote:

> [...]
> Given these considerations, and the slowly increasing use of "Expires"
> headers, State-Info could be expensive indeed.

Hence, I would contend State-Info will have little impact since
caching would/should be disabled in most contexts where State-Info
applies.

Dave Morris