Re: [http-state] Is this an omission in the parser rules of draft-ietf-httpstate-cookie-21?

"Remy Lebeau" <remy@lebeausoftware.org> Fri, 04 February 2011 18:10 UTC

Return-Path: <remy@lebeausoftware.org>
X-Original-To: http-state@core3.amsl.com
Delivered-To: http-state@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9FCF13A6A0F for <http-state@core3.amsl.com>; Fri, 4 Feb 2011 10:10:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6PCJ70fTgwXk for <http-state@core3.amsl.com>; Fri, 4 Feb 2011 10:10:52 -0800 (PST)
Received: from smtpoutwbe03.prod.mesa1.secureserver.net (smtpoutwbe03.prod.mesa1.secureserver.net [208.109.78.114]) by core3.amsl.com (Postfix) with SMTP id 9BA423A6968 for <http-state@ietf.org>; Fri, 4 Feb 2011 10:10:52 -0800 (PST)
Received: (qmail 6370 invoked from network); 4 Feb 2011 18:14:17 -0000
Received: from unknown (HELO mm02.prod.mesa1.secureserver.net) (208.109.138.2) by smtpoutwbe03.prod.mesa1.secureserver.net with SMTP; 4 Feb 2011 18:14:17 -0000
Received: (qmail 18641 invoked by uid 99); 4 Feb 2011 18:14:17 -0000
Message-ID: <20110204181417.18637.qmail@mm02.prod.mesa1.secureserver.net>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="=_942af7867392b2f6203b1a4d23f44d0c"
Message_ID: <20110204111417.f00013ceab8fb1928885c5c172fbfd4a.c91a03ce54.wbe@mobilemail.secureserver.net>
From: "Remy Lebeau" <remy@lebeausoftware.org>
To: ietf@adambarth.com, http-state@ietf.org
Date: Fri, 04 Feb 2011 11:14:17 -0700
X-Originating-IP: 76.93.119.83
Subject: Re: [http-state] Is this an omission in the parser rules of draft-ietf-httpstate-cookie-21?
X-BeenThere: http-state@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discuss HTTP State Management Mechanism <http-state.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-state>
List-Post: <mailto:http-state@ietf.org>
List-Help: <mailto:http-state-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Feb 2011 18:10:54 -0000

-------- Original Message --------
Subject: Re: [http-state] Is this an omission in the parser rules of
draft-ietf-httpstate-cookie-21?
From: Adam Barth <ietf@adambarth.com>;
Date: Thu, February 03, 2011 7:25 pm
To: Remy Lebeau <remy@lebeausoftware.org>;
Cc: http-state@ietf.org

> Are you implementing a user agent or a server?  

Both, actually. I work on an open-source library, Indy
(http://www.indyproject.org), which implements a lot of Internet
protocols, including both http client and server components.

My main concern is that while not common, I have seen RFC 2109 cookies
in the wild before, quoted cookie-av values and all. Since the draft
tries to allow for "maximum interoperability", it should allow for user
agents to parse RFC 2109 formatted cookies from servers.