IETF Logo Mail Archive

Re: Proposal: Cookie Priorities

Daniel Stenberg <daniel@haxx.se> Mon, 07 March 2016 08:18 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9BADE1B375A for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 7 Mar 2016 00:18:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.303
X-Spam-Level:
X-Spam-Status: No, score=-6.303 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_66=0.6, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WF9KOu0NyJjw for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 7 Mar 2016 00:18:39 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C72E1B3753 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 7 Mar 2016 00:18:39 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1acqI1-0001so-Bc for ietf-http-wg-dist@listhub.w3.org; Mon, 07 Mar 2016 08:13:17 +0000
Resent-Date: Mon, 07 Mar 2016 08:13:17 +0000
Resent-Message-Id: <E1acqI1-0001so-Bc@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <daniel@haxx.se>) id 1acqHu-0001s2-6g for ietf-http-wg@listhub.w3.org; Mon, 07 Mar 2016 08:13:10 +0000
Received: from giant.haxx.se ([80.67.6.50] ident=root) by maggie.w3.org with esmtp (Exim 4.80) (envelope-from <daniel@haxx.se>) id 1acqHq-0004jG-19 for ietf-http-wg@w3.org; Mon, 07 Mar 2016 08:13:09 +0000
Received: from giant.haxx.se (dast@localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.15.2/8.15.2/Debian-3) with ESMTPS id u278Cd3t012816 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 7 Mar 2016 09:12:39 +0100
Received: from localhost (dast@localhost) by giant.haxx.se (8.15.2/8.15.2/Submit) with ESMTP id u278Cd3r012809; Mon, 7 Mar 2016 09:12:39 +0100
X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs
Date: Mon, 07 Mar 2016 09:12:39 +0100
From: Daniel Stenberg <daniel@haxx.se>
X-X-Sender: dast@giant.haxx.se
To: Mike West <mkwst@google.com>
cc: HTTP Working Group <ietf-http-wg@w3.org>, Samuel Huang <huangs@google.com>, Mark Nottingham <mnot@mnot.net>
In-Reply-To: <CAKXHy=dvxE5f25_xx3mKTc+XRDU_Hp=uFDy-iL-_c0s+xHGydw@mail.gmail.com>
Message-ID: <alpine.DEB.2.20.1603070855070.25615@tvnag.unkk.fr>
References: <CAKXHy=dvxE5f25_xx3mKTc+XRDU_Hp=uFDy-iL-_c0s+xHGydw@mail.gmail.com>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
X-fromdanielhimself: yes
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="US-ASCII"
Received-SPF: pass client-ip=80.67.6.50; envelope-from=daniel@haxx.se; helo=giant.haxx.se
X-W3C-Hub-Spam-Status: No, score=-6.2
X-W3C-Hub-Spam-Report: AWL=0.010, BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: maggie.w3.org 1acqHq-0004jG-19 f2d57bfd05433ac301727709a8409dfc
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Proposal: Cookie Priorities
Archived-At: <http://www.w3.org/mid/alpine.DEB.2.20.1603070855070.25615@tvnag.unkk.fr>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/31209
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Thu, 3 Mar 2016, Mike West wrote:

> https://tools.ietf.org/html/draft-west-cookie-priority-00. Apologies for
> the years of delay. :/

Count me as another skeptic.

Since implementing support different cookie priority levels requires changing 
the server ends, wouldn't it be better to ask server admins to instead stop 
polluting the same domain with excessive amounts of cookies? I presume the 
primary cookie limit you're talking about number of cookies per domain. 
Alternatively, advocate for a higher limit (even though RFC6265 only suggests 
certain limits, browsers are free to user higher)?

What happens to cookies that are actually called 'Priority' ? It seems like a 
very standard name for a cookie and to me it seems like there's room for 
confusion for services that already use Priority set to Low/High etc. I don't 
see any mentioning of how to handle this.

This mechanism adds more complexity to an already complicated and messed up 
concept.

I'm also a bit sad to hear that Chrome+Google already implement this, as it 
feels like a certain degree of the old web war tactics all over again. It 
won't really matter what we say in this work group, as Google services will 
work less good without this feature and Chrome already works like this, so in 
order to keep users happy, user agents are strong-armed into following...

-- 

  / daniel.haxx.se

v2.23.0 | Report a Bug | By Email