Re: [http-state] I-D Action:draft-ietf-httpstate-cookie-03.txt

Achim Hoffmann <ah@securenet.de> Mon, 22 February 2010 23:04 UTC

Return-Path: <ah@securenet.de>
X-Original-To: http-state@core3.amsl.com
Delivered-To: http-state@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3999528C436 for <http-state@core3.amsl.com>; Mon, 22 Feb 2010 15:04:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[AWL=0.348, BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VyA00wea7VTj for <http-state@core3.amsl.com>; Mon, 22 Feb 2010 15:04:24 -0800 (PST)
Received: from munich.securenet.de (munich.securenet.de [82.135.17.200]) by core3.amsl.com (Postfix) with ESMTP id 15BB428C41A for <http-state@ietf.org>; Mon, 22 Feb 2010 15:04:23 -0800 (PST)
Received: from oxee.securenet.de (unknown [10.30.18.40]) by munich.securenet.de (Postfix) with ESMTP id 5DACB27191 for <http-state@ietf.org>; Tue, 23 Feb 2010 00:06:23 +0100 (CET)
Received: by oxee.securenet.de (Postfix, from userid 65534) id 42ED01402027; Tue, 23 Feb 2010 00:06:23 +0100 (CET)
Received: from localhost (localhost [127.0.0.1]) by oxee.securenet.de (Postfix) with ESMTP id 5E50C1402436 for <http-state@ietf.org>; Tue, 23 Feb 2010 00:06:21 +0100 (CET)
Received: from oxee.securenet.de ([127.0.0.1]) by localhost (oxee.securenet.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 05456-04 for <http-state@ietf.org>; Tue, 23 Feb 2010 00:06:21 +0100 (CET)
Received: from tonga.securenet.de (tonga.securenet.de [10.30.18.34]) by oxee.securenet.de (Postfix) with ESMTP id 3B26F1402426; Tue, 23 Feb 2010 00:06:21 +0100 (CET)
Date: Tue, 23 Feb 2010 00:06:21 +0100 (MET)
From: Achim Hoffmann <ah@securenet.de>
To: http-state@ietf.org
Cc: http-state@ietf.org
In-Reply-To: <20100213080001.D07A03A73C7@core3.amsl.com>
Message-ID: <alpine.LNX.2.00.1002222350530.6570@tonga.securenet.de>
References: <20100213080001.D07A03A73C7@core3.amsl.com>
User-Agent: Alpine 2.00 (LNX 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: MULTIPART/Mixed; BOUNDARY=NextPart
Content-ID: <alpine.LNX.2.00.1002222350531.6570@tonga.securenet.de>
X-Virus-Scanned: Open-Xchange Express amavisd-new at oxee.securenet.de
Subject: Re: [http-state] I-D Action:draft-ietf-httpstate-cookie-03.txt
X-BeenThere: http-state@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discuss HTTP State Management Mechanism <http-state.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-state>
List-Post: <mailto:http-state@ietf.org>
List-Help: <mailto:http-state-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-state>, <mailto:http-state-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Feb 2010 23:04:25 -0000

Is there a typo in 5.2.6.  The HttpOnly Attribute ?

  ".. with an attribute-name of Secure and an empt attribute-value."

I guess "Secure" should be "HttpOnly".

Achim

!! A New Internet-Draft is available from the on-line Internet-Drafts directories.
!! This draft is a work item of the HTTP State Management Mechanism Working Group of the IETF.
!! 
!! 
!! 	Title           : HTTP State Management Mechanism
!! 	Author(s)       : A. Barth
!! 	Filename        : draft-ietf-httpstate-cookie-03.txt
!! 	Pages           : 29
!! 	Date            : 2010-02-12
!! 
!! This document defines the HTTP Cookie and Set-Cookie headers.  These
!! headers can be used by HTTP servers to store state on HTTP user
!! agents, letting the servers maintain a stateful session over the
!! mostly stateless HTTP protocol.  The cookie protocol has many
!! historical infelicities and should be avoided for new applications of
!! HTTP.
!! 
!! 
!! NOTE: If you have suggestions for improving the draft, please send
!! 
!! email to http-state@ietf.org.  Suggestions with test cases are
!! 
!! especially appreciated.
!! 
!! A URL for this Internet-Draft is:
!! http://www.ietf.org/internet-drafts/draft-ietf-httpstate-cookie-03.txt
!! 
!! Internet-Drafts are also available by anonymous FTP at:
!! ftp://ftp.ietf.org/internet-drafts/
!! 
!! Below is the data which will enable a MIME compliant mail reader
!! implementation to automatically retrieve the ASCII version of the
!! Internet-Draft.