W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 1997

Re: Secure cookies survey

From: David W. Morris <dwm@xpasc.com>
Date: Thu, 20 Mar 1997 09:39:00 -0800 (PST)
To: Dave Kristol <dmk@research.bell-labs.com>
Cc: http-wg@cuckoo.hpl.hp.com
Message-Id: <Pine.SOL.3.95.970320093628.16639B-100000@shell1.aimnet.com>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/2782 


On Thu, 20 Mar 1997, Dave Kristol wrote:

> Here's an inexact application survey:
> 
> Does anyone use, or know of an application that uses, cookies that are
> labeled "Secure"?
> 
> If not, I will consider simply removing "Secure" from the cookie spec.

I know an application which is quite likely to want the unsecure
implication of secure ... that is, set the cookie in a secure response and
have it returned in a non-secure transaction. The application is still in
the prototype phase.

Dave Morris
Received on Thursday, 20 March 1997 09:42:31 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:01 UTC