IETF Logo Mail Archive

Re: HTTPBis BOF followup - should RFC 2965 (cookie) be in scope for the WG?

Keith Moore <moore@cs.utk.edu> Tue, 28 August 2007 19:41 UTC

Return-path: <discuss-bounces@apps.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IQ6wV-0008I9-34; Tue, 28 Aug 2007 15:41:39 -0400
Received: from discuss by megatron.ietf.org with local (Exim 4.43) id 1IQ6wT-0008CD-Rl for discuss-confirm+ok@megatron.ietf.org; Tue, 28 Aug 2007 15:41:37 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IQ6wT-0008Ac-Hk for discuss@apps.ietf.org; Tue, 28 Aug 2007 15:41:37 -0400
Received: from shu.cs.utk.edu ([160.36.56.39]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IQ6wQ-0006bz-Th for discuss@apps.ietf.org; Tue, 28 Aug 2007 15:41:37 -0400
Received: from localhost (localhost [127.0.0.1]) by shu.cs.utk.edu (Postfix) with ESMTP id 23D801EE2C8; Tue, 28 Aug 2007 15:41:33 -0400 (EDT)
X-Virus-Scanned: by amavisd-new with ClamAV and SpamAssasin at cs.utk.edu
Received: from shu.cs.utk.edu ([127.0.0.1]) by localhost (bes.cs.utk.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2qrg3P9yIHxs; Tue, 28 Aug 2007 15:41:31 -0400 (EDT)
Received: from lust.indecency.org (user-119b1dm.biz.mindspring.com [66.149.133.182]) by shu.cs.utk.edu (Postfix) with ESMTP id DB4741EE130; Tue, 28 Aug 2007 15:41:30 -0400 (EDT)
Message-ID: <46D47A5B.3060601@cs.utk.edu>
Date: Tue, 28 Aug 2007 15:41:15 -0400
From: Keith Moore <moore@cs.utk.edu>
User-Agent: Thunderbird 2.0.0.6 (Macintosh/20070728)
MIME-Version: 1.0
To: Alexey Melnikov <alexey.melnikov@isode.com>
Subject: Re: HTTPBis BOF followup - should RFC 2965 (cookie) be in scope for the WG?
References: <46BDE53B.1070404@isode.com> <46D332AD.5070702@isode.com>
In-Reply-To: <46D332AD.5070702@isode.com>
X-Enigmail-Version: 0.95.2
OpenPGP: id=E1473978
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e1e48a527f609d1be2bc8d8a70eb76cb
Cc: Apps Discuss <discuss@apps.ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
X-BeenThere: discuss@apps.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: general discussion of application-layer protocols <discuss.apps.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@apps.ietf.org?subject=unsubscribe>
List-Post: <mailto:discuss@apps.ietf.org>
List-Help: <mailto:discuss-request@apps.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/discuss>, <mailto:discuss-request@apps.ietf.org?subject=subscribe>
Errors-To: discuss-bounces@apps.ietf.org

3. maybe

in particular, the group might consider that the privacy mechanisms
specified have not worked so well, and consider whether there should be
some additional protection for users against abuse of cookies.  I don't
think it would be appropriate for the WG to relax protections against
cookie abuse.

however this topic might be a rathole and might best be deferred until
the group has completed other milestones.
>> Hi folks,
>> Answers to this question during the BOF were not conclusive, so I
>> would like to poll mailing list members on whether revision of RFC
>> 2965 (HTTP State Management Mechanism) should be in scope for the
>> proposed WG.
>>
>> Question: Should RFC 2965 revision be in scope for the WG?
>>
>> Please chose one of the following answers:
>>
>> 1). No
>> 2). Yes
>> 3). Maybe (this includes "yes, but when the WG completes the
>> currently proposed milestones" and "yes, but this should be done in
>> another WG")
>> 4). I have another opinion, which is ....
>>
>> Please send answers to the mailing list, or directly to me *and* Mark
>> Nottingham <mnot@mnot.net>et>.
>> And of course feel free to ask clarifying questions/correct list of
>> answers.
>
> If you haven't replied to this question, please send your replies by
> September 3rd.
>
> Thanks,
> Alexey
>
>
>
>

v2.8.7 | Report a Bug | By Email