
There's some discussion in this thread: http://lists.w3.org/Archives/Public/ietf-http-wg/2012JulSep/...

In short,

   the need for a Session header to replace the use of Cookies
   for basic session management


So is that just cookies by another name?


Cookies with an expire of session and secure flag set: yes. But this should be more secure, and stored for 1 session implicitly.


And in theory less data, right? A session ID doesn't need to store the kilobytes that cookies do.


Why can't there be multiple sessions for different functionalities? I am not sure people are going to relinquish the cookie concept. All the sessions are doing is having the "cookies" transported as part of the HTTP message and not as a separate file (payload).


I'm not sure I understand you.

I'm talking about a Session-ID header that'd have a 128-bit (say) max length or something. Not something that has a few kb limit like a cookie.

Also, a GET request wouldn't send a payload so I'm not sure what you mean.


Cookies are sent in the Cookie and Set-Cookie headers. No separate files.



