On Fri, 2009-02-20 at 23:34 +0000, Theo Zourzouvillys wrote: > > More importantly, such a value-less parameter does nothing > > useful: If the client will accept requests without cookies, a request > > without the parameter will be accepted. If the client will not accept > > requests without cookies, a request without the parameter will elicit a > > 4XX response, which can be used to resend the request. > > A server could behave differently when it receives a request without a > cookie in it, for example require authentication, redirect the user > statelessly to another transport, or something we've not thought of > just yet :-)
"A server may choose to apply additional security mechanisms to a request without a cookie parameter." > It's also useful for diagnostic purposes for deployment: how will we > know when adoption is so widespread it would be safe to require > support for it for a request to proceed? Good point. It would help if you added these points to the draft. Dale _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [email protected] for questions on current sip Use [email protected] for new developments on the application of sip
