W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2012

Input for conflict review of draft-secure-cookie-session-protocol

From: Barry Leiba <barryleiba@computer.org>
Date: Wed, 17 Oct 2012 22:25:16 -0400
Message-ID: <CALaySJK5JBo1cbsqcX6hyk0gSkDciZkX3o=o+rg9rgNVqBeRhw@mail.gmail.com>
To: http-state@ietf.org, websec@ietf.org, ietf-http-wg@w3.org, apps-discuss@ietf.org, oauth@ietf.org
A document titled "Secure Cookie Sessions for HTTP" has been submitted
to the Independent Stream Editor (ISE):
http://datatracker.ietf.org/doc/draft-secure-cookie-session-protocol/

The IESG has been asked to review the document, as specified in RFC
5742, Section 3.  The Security and Applications Area Directors are
looking for input for that review.  Please post any relevant comments
to the Security Area list, <saag@ietf.org>, as soon as possible, and at
least by 1 November 2012.

Note: Please do NOT post responses to any of these mailing lists.
Respond only to <saag@ietf.org> (using the subject line of this
message).

Please read RFC 5742, Section 3, and be aware that we are not looking
for detailed comments on the document itself (see below).  We
specifically need input on whether this document is in conflict with
work that's being done in the IETF.  Look at the five possible
responses specified in that section, and help us determine whether any
of 2 through 5 applies.  Please be specific in your response.

In addition to this, we're sure that the authors and the ISE would
appreciate comments about the document.  If you have those, you may
send them directly to the authors at
<draft-secure-cookie-session-protocol@tools.ietf.org>
and to the ISE at <rfc-ise@rfc-editor.org>.
General discussion of the document on these lists or the saag list will
likely not get to the authors or the ISE.

Barry Leiba, Applications AD
Received on Thursday, 18 October 2012 02:25:43 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 18 October 2012 02:25:46 GMT