Re: [http-state] {Dangerous Content?} I-D Action:draft-ietf-httpstate-cookie-03.txt
Achim Hoffmann <ah@securenet.de> Tue, 23 February 2010 07:52 UTC
Return-Path: <ah@securenet.de>
X-Original-To: http-state@core3.amsl.com
Delivered-To: http-state@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id EA43528C25D for <http-state@core3.amsl.com>;
Mon, 22 Feb 2010 23:52:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.04
X-Spam-Level:
X-Spam-Status: No, score=-2.04 tagged_above=-999 required=5 tests=[AWL=0.209,
BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g2Qujc2n+3B8 for
<http-state@core3.amsl.com>; Mon, 22 Feb 2010 23:52:46 -0800 (PST)
Received: from munich.securenet.de (munich.securenet.de [82.135.17.200]) by
core3.amsl.com (Postfix) with ESMTP id E4C8528C252 for <http-state@ietf.org>;
Mon, 22 Feb 2010 23:52:45 -0800 (PST)
Received: from oxee.securenet.de (unknown [10.30.18.40]) by
munich.securenet.de (Postfix) with ESMTP id 5877C27191 for
<http-state@ietf.org>; Tue, 23 Feb 2010 08:54:47 +0100 (CET)
Received: by oxee.securenet.de (Postfix, from userid 65534) id 438BC140202A;
Tue, 23 Feb 2010 08:54:47 +0100 (CET)
Received: from localhost (localhost [127.0.0.1]) by oxee.securenet.de
(Postfix) with ESMTP id 981D81402027 for <http-state@ietf.org>;
Tue, 23 Feb 2010 08:54:46 +0100 (CET)
Received: from oxee.securenet.de ([127.0.0.1]) by localhost (oxee.securenet.de
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 25355-06 for
<http-state@ietf.org>; Tue, 23 Feb 2010 08:54:46 +0100 (CET)
Received: from [10.30.18.9] (krakatau.securenet.de [10.30.18.9]) by
oxee.securenet.de (Postfix) with ESMTP id 73217140242E for
<http-state@ietf.org>; Tue, 23 Feb 2010 08:54:46 +0100 (CET)
Message-ID: <4B8389C3.1080903@securenet.de>
Date: Tue, 23 Feb 2010 08:54:43 +0100
From: Achim Hoffmann <ah@securenet.de>
Organization: SecureNet
User-Agent: who">cares?
MIME-Version: 1.0
To: http-state@ietf.org
References: <20100213080001.D07A03A73C7@core3.amsl.com>
In-Reply-To: <20100213080001.D07A03A73C7@core3.amsl.com>
X-Enigmail-Version: 0.96.0
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: Open-Xchange Express amavisd-new at oxee.securenet.de
Subject: Re: [http-state] {Dangerous Content?} I-D
Action:draft-ietf-httpstate-cookie-03.txt
X-BeenThere: http-state@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discuss HTTP State Management Mechanism <http-state.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/http-state>,
<mailto:http-state-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-state>
List-Post: <mailto:http-state@ietf.org>
List-Help: <mailto:http-state-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-state>,
<mailto:http-state-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Feb 2010 07:52:47 -0000
The section
5.4. The Cookie Header
2. Sort the cookie-list in the following order:
seems to be incmplete (missing the [TODO: ...] comment :)
Should I comment on that in detail in the other thread?
Subject: [http-state] Summary of discussion of Ticket 5 (Cookie ordering)
Achim
Internet-Drafts@ietf.org wrote on 13.02.2010 09:00:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the HTTP State Management Mechanism Working Group of the IETF.
>
>
> Title : HTTP State Management Mechanism
> Author(s) : A. Barth
> Filename : draft-ietf-httpstate-cookie-03.txt
> Pages : 29
> Date : 2010-02-12
>
> This document defines the HTTP Cookie and Set-Cookie headers. These
> headers can be used by HTTP servers to store state on HTTP user
> agents, letting the servers maintain a stateful session over the
> mostly stateless HTTP protocol. The cookie protocol has many
> historical infelicities and should be avoided for new applications of
> HTTP.
>
>
> NOTE: If you have suggestions for improving the draft, please send
>
> email to http-state@ietf.org. Suggestions with test cases are
>
> especially appreciated.
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-httpstate-cookie-03.txt
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
Subject: [http-state] Summary of discussion of Ticket 5 (Cookie ordering)
- [http-state] I-D Action:draft-ietf-httpstate-cook… Internet-Drafts
- Re: [http-state] I-D Action:draft-ietf-httpstate-… Achim Hoffmann
- Re: [http-state] I-D Action:draft-ietf-httpstate-… Julian Reschke
- Re: [http-state] I-D Action:draft-ietf-httpstate-… Achim Hoffmann
- Re: [http-state] I-D Action:draft-ietf-httpstate-… Adam Barth
- Re: [http-state] I-D Action:draft-ietf-httpstate-… Adam Barth
- Re: [http-state] I-D Action:draft-ietf-httpstate-… David Morris
- Re: [http-state] I-D Action:draft-ietf-httpstate-… Achim Hoffmann
- Re: [http-state] {Dangerous Content?} I-D Action:… Achim Hoffmann
- Re: [http-state] I-D Action:draft-ietf-httpstate-… Adam Barth
- Re: [http-state] {Dangerous Content?} I-D Action:… Adam Barth