FW: BCP 44, RFC 2964 on Use of HTTP State Management

-----Original Message-----
From: RFC Editor [mailto:rfc-ed@ISI.EDU]
Sent: Thursday, October 12, 2000 4:49 PM
To: IETF-Announce; @loki.ietf.org
Cc: rfc-ed@ISI.EDU
Subject: BCP 44, RFC 2964 on Use of HTTP State Management



A new Request for Comments is now available in online RFC libraries.


        BCP 44 
        RFC 2964

        Title:	    Use of HTTP State Management
        Author(s):  K. Moore, N. Freed
        Status:     Best Current Practice
	Date:       October 2000
        Mailbox:    moore@cs.utk.edu, ned.freed@innosoft.com
        Pages:      8
        Characters: 18899
        Updates/Obsoletes/SeeAlso:    None

        I-D Tag:    draft-iesg-http-cookies-03.txt

        URL:        ftp://ftp.isi.edu/in-notes/rfc2964.txt


The mechanisms described in "HTTP State Management Mechanism"
(RFC-2965), and its predecessor (RFC-2109), can be used for many
different purposes.  However, some current and potential uses of the
protocol are controversial because they have significant user privacy
and security implications.  This memo identifies specific uses of
Hypertext Transfer Protocol (HTTP) State Management protocol which are
either (a) not recommended by the IETF, or (b) believed to be harmful,
and discouraged.  This memo also details additional privacy
considerations which are not covered by the HTTP State Management
protocol specification.

This document specifies an Internet Best Current Practices for the
Internet Community, and requests discussion and suggestions for
improvements.  Distribution of this memo is unlimited.

Received on Friday, 13 October 2000 07:49:27 UTC