- From: Jeremey Barrett <jeremey@veriweb.com>
- Date: Thu, 20 Mar 1997 13:41:00 -0800
- To: Dave Kristol <dmk@research.bell-labs.com>
- Cc: http-wg@cuckoo.hpl.hp.com
-----BEGIN PGP SIGNED MESSAGE----- Dave Kristol wrote: > > Here's an inexact application survey: > > Does anyone use, or know of an application that uses, cookies that are > labeled "Secure"? > > If not, I will consider simply removing "Secure" from the cookie spec. > If by removing it, cookies set on secure connections would be returned on insecure ones (given the removal of the port restrictions), I think that would be bad. I know I have at least one application where I would not want secure cookies sent insecurely, so they are marked "Secure". - -- Jeremey Barrett VeriWeb Internet Corp. Crypto, Ecash, Commerce Systems http://www.veriweb.com/ PGP key fingerprint = 3B 42 1E D4 4B 17 0D 80 DC 59 6F 59 04 C3 83 64 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMzGvAi/fy+vkqMxNAQFv0AP+NG98CkGWN5zjrC6AnaxZDKsZK1yV7gLk BYqUsLg6VJ4h+x6GB4vpWgryvZL3+3nbr463z5bfcjJFao+ZkdhHqE2+zW06WIfa /GWxxc03tdNpl8wtCYqKevnvvVmhN14CqXYc//+1clBWnRHinA9w+P17GQj7v+zz aFovQ+7k+YA= =7hQh -----END PGP SIGNATURE-----
Received on Thursday, 20 March 1997 13:38:57 UTC