 |
 |
The session id details seem mostly clear but there's one area I'm not clear about. When the server assigns a session id, does the client then include that id in subsequent requests within that session? I assumed yes, but I inferred from Rob (K) that it wasn't necessary. Maybe I mis-understood. Assuming so: If the client doesn't support (or care about) sessions, it won't include the session id. And (I think we've decided) the client isn't going to request that a session id be assigned, the server will do that unilaterally. So when the server gets a request without a session id, it will assume a new session, and will assign a new session id, which the client won't use, etc. So the server will assign a bunch of session ids that won't be used. Is that a problem? (In terms of wasted resources.) --Ray