Re: [http-state] Make draft-abarth-cookie-06 a working group item?
Daniel Stenberg <daniel@haxx.se> Fri, 11 December 2009 23:49 UTC
Return-Path: <daniel@haxx.se>
X-Original-To: http-state@core3.amsl.com
Delivered-To: http-state@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 49C103A696B for <http-state@core3.amsl.com>; Fri, 11 Dec 2009 15:49:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.424
X-Spam-Level:
X-Spam-Status: No, score=-6.424 tagged_above=-999 required=5 tests=[AWL=-4.175, BAYES_00=-2.599, HELO_EQ_SE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mFNbdbxONZ+V for <http-state@core3.amsl.com>; Fri, 11 Dec 2009 15:49:36 -0800 (PST)
Received: from giant.haxx.se (giant.haxx.se [83.168.254.42]) by core3.amsl.com (Postfix) with ESMTP id 95EE73A67F6 for <http-state@ietf.org>; Fri, 11 Dec 2009 15:49:36 -0800 (PST)
Received: from giant.haxx.se (giant.haxx.se [83.168.254.42]) by giant.haxx.se (8.14.3/8.14.3/Debian-9) with ESMTP id nBBNmxoi031989; Sat, 12 Dec 2009 00:48:59 +0100
Date: Sat, 12 Dec 2009 00:48:59 +0100
From: Daniel Stenberg <daniel@haxx.se>
X-X-Sender: dast@giant.haxx.se
To: Adam Barth <ietf@adambarth.com>
In-Reply-To: <7789133a0912111441t38d8142frecfc149e2d8464fd@mail.gmail.com>
Message-ID: <alpine.DEB.2.00.0912120005060.16918@tvnag.unkk.fr>
References: <7789133a0912111441t38d8142frecfc149e2d8464fd@mail.gmail.com>
User-Agent: Alpine 2.00 (DEB 1167 2008-08-23)
X-fromdanielhimself: yes
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Cc: http-state <http-state@ietf.org>
Subject: Re: [http-state] Make draft-abarth-cookie-06 a working group item?
X-BeenThere: http-state@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discuss HTTP State Management Mechanism <http-state.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-state>
List-Post: <mailto:http-state@ietf.org>
List-Help: <mailto:http-state-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Dec 2009 23:49:38 -0000
On Fri, 11 Dec 2009, Adam Barth wrote: > Now that we're officially a working group, I propose that we adopt > draft-abarth-cookie-06 as working group item draft-ietf-http-state-cookie: +1 In general this is a pretty good spec now. Here's some additional random thoughts on the current version: Max-age is now specified to be: The value of the Max-Age attribute represents the maximum lifetime of the cookie, measured in seconds from the moment the user agent receives the cookie RFC2109 and 2965 that both include max-age defined Max-age to be: The Max-Age attribute defines the lifetime of the cookie, in seconds. ... with no mention of exactly when the cookie's birth is. I figure we can define it to be since the receive moment for convenience if nothing else. Counting from the sending moment would be hard, even if I bet most server side implementations basically assumes it is from the moment they send the cookie. The difference should be miniscule in most cases. I have some problems with this phrase in 4.2.1: NOTE: If the server supplies a Set-Cookie header that does not conform to the grammar in Section [TODO], the user agent might not supply a Cookie header that conforms to the preceding grammar. Is that a way to say that if the server violates the spec, so can the client? I don't see any reason to A) offer the client a way to not adhere to the spec and B) imply that the client would deal with improplerly formatted cookies in any particular way that isn't even following this spec! But of course, I'm not sure what the [TODO] is so I might have misunderstood this paragraph. And for the sake of it, I'll maintain that I am against section 5.3 rule number 2. I argue that both those cookie sort order keys are not a MUST. I just cannot agree with that. -- / daniel.haxx.se
- [http-state] Make draft-abarth-cookie-06 a workin… Adam Barth
- Re: [http-state] Make draft-abarth-cookie-06 a wo… Daniel Stenberg
- Re: [http-state] Make draft-abarth-cookie-06 a wo… Adam Barth
- Re: [http-state] Make draft-abarth-cookie-06 a wo… Peter Saint-Andre
- Re: [http-state] Make draft-abarth-cookie-06 a wo… Adam Barth
- Re: [http-state] Make draft-abarth-cookie-06 a wo… Dan Winship
- Re: [http-state] Make draft-abarth-cookie-06 a wo… Daniel Stenberg
- Re: [http-state] Make draft-abarth-cookie-06 a wo… Yngve N. Pettersen (Developer Opera Software ASA)
- Re: [http-state] Make draft-abarth-cookie-06 a wo… David Morris
- Re: [http-state] Make draft-abarth-cookie-06 a wo… Dan Witte
- Re: [http-state] Make draft-abarth-cookie-06 a wo… Daniel Stenberg
- Re: [http-state] Make draft-abarth-cookie-06 a wo… Adam Barth