[websec] Slides uploaded

Yoav Nir <ynir@checkpoint.com> Tue, 12 March 2013 17:15 UTC

Return-Path: <ynir@checkpoint.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 104FC11E80B8 for <websec@ietfa.amsl.com>; Tue, 12 Mar 2013 10:15:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.577
X-Spam-Status: No, score=-10.577 tagged_above=-999 required=5 tests=[AWL=0.021, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id UJDZHJB6i57G for <websec@ietfa.amsl.com>; Tue, 12 Mar 2013 10:15:46 -0700 (PDT)
Received: from smtp.checkpoint.com (smtp.checkpoint.com []) by ietfa.amsl.com (Postfix) with ESMTP id 2B93711E80A5 for <websec@ietf.org>; Tue, 12 Mar 2013 10:15:45 -0700 (PDT)
Received: from DAG-EX10.ad.checkpoint.com ([]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id r2CHFix9001400 for <websec@ietf.org>; Tue, 12 Mar 2013 19:15:44 +0200
X-CheckPoint: {513F61FF-0-1B221DC2-2FFFF}
Received: from IL-EX10.ad.checkpoint.com ([]) by DAG-EX10.ad.checkpoint.com ([]) with mapi id 14.02.0342.003; Tue, 12 Mar 2013 19:15:44 +0200
From: Yoav Nir <ynir@checkpoint.com>
To: IETF WebSec WG <websec@ietf.org>
Thread-Topic: Slides uploaded
Thread-Index: AQHOH0U7/ByHpPGxqUWNsPCtAhiOhg==
Date: Tue, 12 Mar 2013 17:15:44 +0000
Message-ID: <CCA09D5A-03F2-480F-9788-153C29ECF5FF@checkpoint.com>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
Content-Type: multipart/alternative; boundary="_000_CCA09D5A03F2480F9788153C29ECF5FFcheckpointcom_"
MIME-Version: 1.0
Subject: [websec] Slides uploaded
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2013 17:15:49 -0000

Hi all.

The agenda is updated and the meeting slides are not on the meeting materials page.

We will be discussing a proposal to replace the session cookie mechanism. For a comprehensive review of what is wrong with using cookies to maintain sessions, you may want to read the document "Weaning the Web Off of Session Cookies" [1]. We are not likely to have time to discuss all of these issues, but we could be trying to solve them.


  *   Agenda: http://www.ietf.org/proceedings/86/agenda/agenda-86-websec
  *   Slides: https://datatracker.ietf.org/meeting/86/materials.html#websec
  *   Weaning the Web Off of Session Cookies: http://www.vsecurity.com/download/papers/WeaningTheWebOffOfSessionCookies.pdf


[1] Not to be confused with "Weaning the IETF Off of inter-Session Cookies"