W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

RE: making progress on cookies

From: David W. Morris <dwm@xpasc.com>
Date: Sat, 11 Oct 1997 12:31:41 -0700 (PDT)
To: Yaron Goland <yarong@microsoft.com>
Cc: Dave Kristol <dmk@research.bell-labs.com>, http-state@lists.research.bell-labs.com, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <Pine.GSO.3.96.971011122750.1207A-100000@shell1.aimnet.com>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/4550 


On Fri, 10 Oct 1997, Yaron Goland wrote:

> An alternative proposal is to take the signed cookie draft and combine
> it with the protocol draft and put that up as the standard. That way we
> don't have to argue over heuristics which prevent legitimate
> functionality and instead use a policy based system backed up with
> authentication.

This alternative would not be a complete solution since it would drop
the default specification for cookie privacy when the cookie presented
was not signed.

I have no problem with an alternative which includes completing work
on the signed cookie proposal but I see that as additional specification
and not replacing some form of the existing privacy specifications.

Dave Morris
Received on Saturday, 11 October 1997 12:34:13 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:21 UTC