I am surprised I missed this on the blogosphere, David tells the truth. Session state is evil. If you have worked with low-level HTTP applications, really getting at HTTP then you know this is true. If you write basic ASP pages and save variables, you might not have to deal with this issue.
The basics of saving variables on the server side is an easy thing to do. But once you start to get millions of users and then relying on the application server to maintain state for each user, it gets tricky. And trusting the application server may not be the best idea. I will let you read the article and let you decide.