W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: Calls for Adoption -- Cookie-Related Specifications

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Tue, 22 Dec 2015 22:56:39 +1300
To: ietf-http-wg@w3.org
Message-ID: <56791E57.6070509@treenet.co.nz>
On 22/12/2015 10:41 p.m., Willy Tarreau wrote:
> On Tue, Dec 22, 2015 at 05:18:39PM +1100, Mark Nottingham wrote:
>> As discussed earlier <http://www.w3.org/mid/FAF2C2E8-0A6A-4C34-B4C4-57190AAE118D@mnot.net>, we are going to use a Call for Adoption process to assure that what we specify in terms of changes to Cookies -- if anything -- will actually get implemented.
>>
>> Based on what we've talked about so far, I believe two specifications are ready for consideration:
>>
>> * https://tools.ietf.org/html/draft-west-leave-secure-cookies-alone-04
>> * https://tools.ietf.org/html/draft-west-cookie-prefixes-05
>>
>> So, please discuss on-list:
>>
>> 1) Your intent to implement these specifications (or lack thereof). 
>> 2) Your support for these specifications (or lack thereof).
> 
> As the main author of haproxy, I definitely support these drafts which
> go in the right direction when it comes to securing cookies. In their
> current state these drafts apparently don't affect how haproxy uses
> cookies, though if updates are needed, we'll have to perform them.
> 
> The drafts are quite clear and still open to improvements. I think that
> adopting them will help quickly reaching consensus on these proposals.
> 
> Regards,
> Willy
> 
> 

As the maintainer for Squid, my position is the same as above.

Amos
Received on Tuesday, 22 December 2015 09:57:22 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC