Re: Section 10.1.1 Combining Set-Cookie and Set-Cookie2

Dave Kristol (dmk@bell-labs.com)
Tue, 25 Mar 1997 09:44:54 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Dave Kristol: "Re: RFC2109 addition..."
Previous message: Ross Patterson: "Re: cookie Port summary"
Maybe in reply to: David W. Morris: "Section 10.1.1 Combining Set-Cookie and Set-Cookie2"
Next in thread: David W. Morris: "Re: Section 10.1.1 Combining Set-Cookie and Set-Cookie2"
Reply: David W. Morris: "Re: Section 10.1.1 Combining Set-Cookie and Set-Cookie2"

David W. Morris wrote:
> 
> I fail to understand the rationale behind what to me is the most complex
> section in the whole document.  Why are we requiring UAs to combine
> the two headers?
> 
> I think there is no siginificant loss of functionality if this whole
> section is dropped along with the forward reference in the previous
> section.  Simply require the server to send both with appropriate
> attributes. If the UA understands both forms, it MUST send the new form
> and it must replace an existing matching form 1 with the new form.
> 
> Otherwise the UA doesn't understand both and sends the old form.

This issue has been discussed (but perhaps privately?)

The complaint from some parties was that the NAME=VALUE part of cookies, in
particular, can be (and already is) quite large.  So sending it twice, once
in Set-Cookie and once in Set-Cookie2 would incur a lot of network traffic.

I agree that sending a completely separate Set-Cookie2 header with its own
set of values would be much simpler.  But the network traffic that results
was deemed excessive.

Dave Kristol

Next message: Dave Kristol: "Re: RFC2109 addition..."
Previous message: Ross Patterson: "Re: cookie Port summary"
Maybe in reply to: David W. Morris: "Section 10.1.1 Combining Set-Cookie and Set-Cookie2"
Next in thread: David W. Morris: "Re: Section 10.1.1 Combining Set-Cookie and Set-Cookie2"
Reply: David W. Morris: "Re: Section 10.1.1 Combining Set-Cookie and Set-Cookie2"