[http-state] [Technical Errata Reported] RFC6265 (6719)

RFC Errata System <rfc-editor@rfc-editor.org> Fri, 22 October 2021 23:33 UTC

To: abarth@eecs.berkeley.edu, superuser@gmail.com, francesca.palombini@ericsson.com, Jeff.Hodges@kingsmountain.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: philip@gladstonefamily.net, http-state@ietf.org, rfc-editor@rfc-editor.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/http-state/eMihgPEEcl8Zg461akEiYAPT2Pg>

The following errata report has been submitted for RFC6265,
"HTTP State Management Mechanism".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6719

--------------------------------------
Type: Technical
Reported by: Philip Gladstone <philip@gladstonefamily.net>

Section: 4.1.1

Original Text
-------------
max-age-av        = "Max-Age=" non-zero-digit *DIGIT

Corrected Text
--------------
max-age-av           = "Max-Age=" non-negative-integer
non-negative-integer = zero-digit / (non-zero-digit *DIGIT)
zero-digit           = %x30

Notes
-----
In section 5.2.2, there is the following text on the value of the max-age:

> Let delta-seconds be the attribute-value converted to an integer.
>
>   If delta-seconds is less than or equal to zero (0), let expiry-time
>   be the earliest representable date and time.

If max-age is an integer greater than 0, then the entire sentence is meaningless. It is a common practice to use max-age=0 to expire a cookie immediately. I think that the ABNF is incorrect. However, I don't see any reason to permit negative values.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party
can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC6265 (draft-ietf-httpstate-cookie-23)
--------------------------------------
Title               : HTTP State Management Mechanism
Publication Date    : April 2011
Author(s)           : A. Barth
Category            : PROPOSED STANDARD
Source              : HTTP State Management Mechanism
Area                : Applications
Stream              : IETF
Verifying Party     : IESG
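
Added example (not part of the erratum or of RFC 6265): the published Section 4.1.1 grammar and the grammar proposed above, checked side by side against the user-agent handling of Max-Age in Section 5.2.2. The names server_may_send, ua_expiry, compare and EARLIEST are hypothetical, the sample values are constructed, and ignoring a lone "-" is this example's own choice.

```python
import re

# Section 4.1.1 server grammar as published: non-zero-digit *DIGIT
ORIGINAL = re.compile(r"[1-9][0-9]*")
# Grammar proposed in the erratum: zero-digit / (non-zero-digit *DIGIT)
CORRECTED = re.compile(r"0|[1-9][0-9]*")

# Stand-in (assumption) for "the earliest representable date and time".
EARLIEST = float("-inf")


def server_may_send(value, grammar):
    """True if a Max-Age value conforms to the given server-side grammar."""
    return grammar.fullmatch(value) is not None


def ua_expiry(value, now):
    """User-agent handling of a Max-Age value per RFC 6265 section 5.2.2.

    Returns None if the attribute is ignored, EARLIEST if the cookie
    expires immediately, else the expiry time (now + delta-seconds).
    """
    # First character must be a DIGIT or "-"; the remainder must be DIGITs only.
    if re.fullmatch(r"[-0-9][0-9]*", value) is None:
        return None
    if value == "-":
        return None  # no integer to convert; ignoring it is this example's choice
    delta_seconds = int(value)
    if delta_seconds <= 0:
        return EARLIEST
    return now + delta_seconds


def compare(values, now=1000):
    """One row per value: (value, original ok, corrected ok, UA expiry)."""
    return [
        (v, server_may_send(v, ORIGINAL), server_may_send(v, CORRECTED), ua_expiry(v, now))
        for v in values
    ]


if __name__ == "__main__":
    # Constructed sample values, not taken from the erratum.
    for row in compare(["3600", "0", "-1", "007", "abc"]):
        print(row)
```

The row for "0" is the case the erratum is about: the user agent expires the cookie immediately, yet only the corrected grammar lets a conforming server send it. "-1" and "007" are still processed by the user agent but stay outside both server grammars.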