Major Description
The current default implementation of HtmlResponseStateManager sends the viewId inside the token for server side state saving and client side state saving, but it is just useless information, because it is not used in any way.
Instead, JSF 2.0 spec defines that the viewId is derived in RestoreViewPhase from the url, following a specified set of rules (see restoreViewSupport.calculateViewId() ).
In server side state saving the viewId is used as part of the key used to restore the state from session map, which is reasonable.
The proposed change involves do not add this information into the token, because it is useless. Anyway, in client side state saving it has sense to send the viewId or some similar information into the state, and include a logic to check if the viewId match with the calculated viewId, to ensure the state can be applied to the expected view.