> In short, failing to endorse a session-id proposal won't save the Net
> from the problems of having session ID's --- rather, it will force
> people to create forms of session-id which you can't regulate, as
> such, because at the protocol level it's pretending to be something
> diafferent.
This is one of the most cogent points made in this debate. Market
pressures demand session-IDs, both for maintaintianing states and for user
tracking. Either session-ID capability will be implemented sensibly or it
won't, but in no case will its emergence be prevented...