i'm actually the one who brought this up in the cherrypy development forum. Let me first explain what the proposal is. It's not to replace cookies, but rather to decouple cookies from sessions. That is, provide a generalized sessionID extraction/insertion interface such that developers can choose between cookies, URLs, forms, or any other method for passing sessionID between server and client.
Why? Because many developers, myself included, have clients (as in customers, not client in client-server) with needs that exclude the use of cookies. I've seen comments from people whose clients demand that no cookies can be used. In my case, I have an XML-RPC server and a custom-built client that needs to maintain state; cookies won't work with the custom-built client my company uses. As a general matter, I think people tend to think about web frameworks as only applying to the development of traditional websites. If you consider web frameworks as a tool for developing web applications or web services, many of which include a server and non-browser client, then tying sessions to cookies is incredibly shortsighted.
