Fwd: New Version Notification for draft-ietf-httpbis-rfc6265bis-00.txt

Mike West <mkwst@google.com> Tue, 11 October 2016 05:39 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C709112947C for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 10 Oct 2016 22:39:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.516
X-Spam-Level:
X-Spam-Status: No, score=-9.516 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5, RP_MATCHES_RCVD=-2.996, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YssnmpOzDpHR for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 10 Oct 2016 22:39:48 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B3F1129735 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 10 Oct 2016 22:39:47 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1btpj2-0006OX-JO for ietf-http-wg-dist@listhub.w3.org; Tue, 11 Oct 2016 05:35:40 +0000
Resent-Date: Tue, 11 Oct 2016 05:35:40 +0000
Resent-Message-Id: <E1btpj2-0006OX-JO@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <mkwst@google.com>) id 1btpis-0006Nb-KU for ietf-http-wg@listhub.w3.org; Tue, 11 Oct 2016 05:35:30 +0000
Received: from mail-lf0-f49.google.com ([209.85.215.49]) by maggie.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <mkwst@google.com>) id 1btpil-00070P-U1 for ietf-http-wg@w3.org; Tue, 11 Oct 2016 05:35:29 +0000
Received: by mail-lf0-f49.google.com with SMTP id x79so22915776lff.0 for <ietf-http-wg@w3.org>; Mon, 10 Oct 2016 22:35:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=OiIlZS07YF7sacFfSut/2GkdFLuntXGYqpgjI1sSXTg=; b=cD+ZCiJxIzh4s6YeLU9rWkGQTDQMFJStYeiqb/fk4UJUoUT9uM1nao2+8Fp3hKZcG5 RBE8SF5y4YU1AU1xpO+VzYa+25/N7GnLwj6O4DE2yKW2C/i/2dv+wHHvhd63e/L17ge+ eBQTEXPeL9JQ0MriWogw2dUNoX4KIihoeMl3xgubhQe43x20Fz8ji0T4FouzxTGFbiUZ wcF7nYIDkHwEtobhsb9mWKogXMQC1RCeRdwV9dIcrbL/66MAbatsXn2JnPZuucwy4XV2 pGnm1qiBGyhIcXKuZIdpaa6Cavqp7zrw0bZD632CljCvIS99bQKWwaKMhv8uFOpGSjrj kuUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=OiIlZS07YF7sacFfSut/2GkdFLuntXGYqpgjI1sSXTg=; b=jpeIVCYKbWdp0gpbwPG5duTp3PZOzVBrbfImfOAJ35GDaca75fcnB9QBeikrnojPK3 I2/RNfLVWGYYJU706X1tJA0TFYptHT7RgnGfmMjPYe9oE07njPIL/gxPwN6Q4ekwV8QR dRGsy0zZAI72FDjRQnOsf1njFvW6555qnDPHZm3nB5hR939QlZIC/OeV6rAsdLRKVojX RV7A05rAOKn8oC8mAqfM9NLdwJpECrToNyGCPArGhhl1wqOzBb0APKem/XmIvh+EedRW SSTBvGGBKYSCQGMyuTKdt70Y1M0cIY2A5lBWklyJEogp7ZgDna1Z5qCcl3x5uJFl4zEg wAqQ==
X-Gm-Message-State: AA6/9RmX8xqrdQzdouJaX3mqmrNG+LWqgLfX96Yx17sn9QUzGVApJhVC/cBvdD22ID0vpm/rLkF1p0BHdfbQHgAW
X-Received: by 10.25.41.137 with SMTP id p131mr1260303lfp.183.1476164096143; Mon, 10 Oct 2016 22:34:56 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.20.230 with HTTP; Mon, 10 Oct 2016 22:34:35 -0700 (PDT)
In-Reply-To: <147614675062.31404.12784998290683035391.idtracker@ietfa.amsl.com>
References: <147614675062.31404.12784998290683035391.idtracker@ietfa.amsl.com>
From: Mike West <mkwst@google.com>
Date: Tue, 11 Oct 2016 07:34:35 +0200
Message-ID: <CAKXHy=cPSN7OD3JcZfUMf2tY_NzXf1tyHcZ8LfDt7+_p9hxXoQ@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="001a113f1874950ffb053e903c24"
Received-SPF: pass client-ip=209.85.215.49; envelope-from=mkwst@google.com; helo=mail-lf0-f49.google.com
X-W3C-Hub-Spam-Status: No, score=-7.8
X-W3C-Hub-Spam-Report: AWL=1.742, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_SORBS_SPAM=0.5, RP_MATCHES_RCVD=-0.313, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: maggie.w3.org 1btpil-00070P-U1 e8f50db32fc86d9afb2544d5ef79730d
X-Original-To: ietf-http-wg@w3.org
Subject: Fwd: New Version Notification for draft-ietf-httpbis-rfc6265bis-00.txt
Archived-At: <http://www.w3.org/mid/CAKXHy=cPSN7OD3JcZfUMf2tY_NzXf1tyHcZ8LfDt7+_p9hxXoQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/32548
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

This -00 draft kicks off the process of updating RFC6265. The text should
be identical to the existing RFC, with the exception of the addition of
explicit step numbers to various algorithms for clarity. I would appreciate
it if interested folks would spot check this port, as it will serve as the
basis for the various changes that the group has suggested it would be
comfortable making.

In the near future, I plan to start bringing in text from the various
drafts we've adopted ("Leave Secure Cookies Alone
<https://httpwg.github.io/http-extensions/draft-ietf-httpbis-cookie-alone.html>",
"Cookie Prefixes
<https://httpwg.github.io/http-extensions/draft-ietf-httpbis-cookie-prefixes.html>",
"Same-Site Cookies
<https://httpwg.github.io/http-extensions/draft-ietf-httpbis-cookie-same-site.html>",
and "EAT Cookies <https://tools.ietf.org/html/draft-thomson-http-omnomnom>"),
and addressing some of the open issues
<https://github.com/httpwg/http-extensions/issues?q=is%3Aopen+is%3Aissue+label%3Aopp-sec>.
I'll try to do so granularly, so folks can have a reasonable chance of
evaluating each set of changes on its own.

Thanks!

-mike

---------- Forwarded message ----------
From: <internet-drafts@ietf.org>
Date: Tue, Oct 11, 2016 at 2:45 AM
Subject: New Version Notification for draft-ietf-httpbis-rfc6265bis-00.txt
To: httpbis-chairs@ietf.org, Mike West <mkwst@google.com>



A new version of I-D, draft-ietf-httpbis-rfc6265bis-00.txt
has been successfully submitted by Mike West and posted to the
IETF repository.

Name:           draft-ietf-httpbis-rfc6265bis
Revision:       00
Title:          HTTP State Management Mechanism
Document date:  2016-10-10
Group:          httpbis
Pages:          35
URL:            https://www.ietf.org/internet-drafts/draft-ietf-httpbis-
rfc6265bis-00.txt
Status:         https://datatracker.ietf.org/doc/draft-ietf-httpbis-
rfc6265bis/
Htmlized:       https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-00


Abstract:
   This document defines the HTTP Cookie and Set-Cookie header fields.
   These header fields can be used by HTTP servers to store state
   (called cookies) at HTTP user agents, letting the servers maintain a
   stateful session over the mostly stateless HTTP protocol.  Although
   cookies have many historical infelicities that degrade their security
   and privacy, the Cookie and Set-Cookie header fields are widely used
   on the Internet.  This document obsoletes RFC 2965.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat