[http-state] New version of Cookie v2 (RFC2965-bis proposal)

"Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com> Sun, 07 March 2010 19:00 UTC

Return-Path: <yngve@opera.com>
X-Original-To: http-state@core3.amsl.com
Delivered-To: http-state@core3.amsl.com
Received: from localhost (localhost []) by core3.amsl.com (Postfix) with ESMTP id B686E28C1C5 for <http-state@core3.amsl.com>; Sun, 7 Mar 2010 11:00:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.999
X-Spam-Status: No, score=-6.999 tagged_above=-999 required=5 tests=[AWL=-0.400, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([]) by localhost (core3.amsl.com []) (amavisd-new, port 10024) with ESMTP id dBo2jpauY2HS for <http-state@core3.amsl.com>; Sun, 7 Mar 2010 11:00:52 -0800 (PST)
Received: from smtp.opera.com (smtp.opera.com []) by core3.amsl.com (Postfix) with ESMTP id 9DE3528C1BF for <http-state@ietf.org>; Sun, 7 Mar 2010 11:00:51 -0800 (PST)
Received: from acorna ( []) (authenticated bits=0) by smtp.opera.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o27IsP5V027129 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <http-state@ietf.org>; Sun, 7 Mar 2010 18:54:28 GMT
Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes
To: "Discuss HTTP State Management Mechanism" <http-state@ietf.org>
Date: Sun, 07 Mar 2010 19:54:23 +0100
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
From: "Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com>
Organization: Opera Software AS
Message-ID: <op.u87n4xd7qrq7tp@acorna>
User-Agent: Opera Mail/10.10 (Win32)
Subject: [http-state] New version of Cookie v2 (RFC2965-bis proposal)
X-BeenThere: http-state@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discuss HTTP State Management Mechanism <http-state.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-state>
List-Post: <mailto:http-state@ietf.org>
List-Help: <mailto:http-state-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Mar 2010 19:00:52 -0000

Hello all,

I have refreshed draft-pettersen-cookie-v2, my proposal for RFC2965-bis.


A new version of I-D, draft-pettersen-cookie-v2-05.txt has been  
successfuly submitted by Yngve Pettersen and posted to the IETF repository.

Filename:	 draft-pettersen-cookie-v2
Revision:	 05
Title:		 HTTP State Management Mechanism v2
Creation_date:	 2010-03-07
WG ID:		 Independent Submission
Number_of_pages: 30

This document specifies a way to create a stateful session with
Hypertext Transfer Protocol (HTTP) requests and responses.  It
describes three HTTP headers, Cookie, Cookie2, and Set-Cookie2, which
carry state information between participating origin servers and user
agents.  The method described here differs from both Netscape's
Cookie proposal [Netscape], and [RFC2965], but it can, provided some
requirements are met, interoperate with HTTP/1.1 user agents that use
Netscape's method.  (See the HISTORICAL section.)

This document defines new rules for how cookies can be shared between
servers within a domain.  These new rules are intended to address
security and privacy concerns that are difficult to counter for
clients implementing Netscape's proposed rules or the rules specified
by RFC 2965.

This document reflects implementation experience with RFC 2965 and
obsoletes it.

Yngve N. Pettersen

Senior Developer                     Email: yngve@opera.com
Opera Software ASA                   http://www.opera.com/
Phone:  +47 24 16 42 60              Fax:    +47 24 16 40 01