[romaniv]

Although I fully agree with the author's critique of cookies for instance, the idea of replacing them with something "better" frankly scares the crap out of me. Especially when the word "identity" is being used.

Ever heard of evercookie? Does that not scare you? Would creating a clean, well-understood solutions that users can actually control not be better than what we have now?

There is just so much wrong with cookies, it's really surprising that no HTTP upgrades propose anything better. For one, cookies confuse session information and client-side storage, and thus work poorly in both roles.

[woobles]

An evercookie is actually pretty straightforward to remove, if you know what you're doing with firebug/firecookie. The only tricky thing it does is persist a cookie in the sessionStorage of your window object, which isn't cleared when you clear your browser cache.