W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1998

I-D ACTION:draft-ietf-http-trust-state-mgt-02.txt

From: <Internet-Drafts@ns.ietf.org>
Date: Mon, 09 Mar 1998 10:44:50 -0500
Message-Id: <199803091544.KAA26216@ns.ietf.org>
To: IETF-Announce: ;, @cnri.reston.va.us:
Cc: http-wg@cuckoo.hpl.hp.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/5442
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the HyperText Transfer Protocol Working Group 
of the IETF.

	Title		: HTTP Trust Mechanism for State Management
	Author(s)	: D. Jaye
	Filename	: draft-ietf-http-trust-state-mgt-02.txt
	Pages		: 11
	Date		: 06-Mar-98
This document specifies an addition to the state management protocol
specified in draft-ietf-http-state-man-mec-08[Kristol].  The intent is
to provide a mechanism that allows user agents to determine the privacy
practices of a server and to accept or reject cookies based on those
practices.  Allowing the user to establish preferences for how to handle
cookies based on the server's practices provides a practical mechanism
to provide users control over the privacy implications of cookies.
To provide verification of server privacy practices, we assume the
existence of one or more independent Trust Authorities.  The authority
establishes PICS ratings representing server privacy practices. It then
issues trust-labels, in the form of digitally signed PICS labels, to
organizations for specific domains and paths based on the server privacy
practices.  The Trust Authority must be able to audit domains to
verify their adherence to a given level.  Passing these trust-labels
along with cookies allows the user agent to support cookie handling
preferences based on trusted privacy practices.
This document describes how PICS-headers are used in conjunction with
Set-Cookie or Set-Cookie2 headers in [Kristol] to provide trust-labels
to communicate the privacy practices of servers regarding cookies.

Internet-Drafts are available by anonymous FTP.  Login with the username
"anonymous" and a password of your e-mail address.  After logging in,
type "cd internet-drafts" and then
	"get draft-ietf-http-trust-state-mgt-02.txt".
A URL for the Internet-Draft is:

Internet-Drafts directories are located at:

	Africa:	ftp.is.co.za
	Europe: ftp.nordu.net
	Pacific Rim: munnari.oz.au
	US East Coast: ds.internic.net
	US West Coast: ftp.isi.edu

Internet-Drafts are also available by mail.

Send a message to:	mailserv@ietf.org.  In the body type:
	"FILE /internet-drafts/draft-ietf-http-trust-state-mgt-02.txt".
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the

Received on Monday, 9 March 1998 07:49:18 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:22 UTC