Re: making progress on cookies

I'm not sure I see the point of splitting the document if the wire
protocol document can't progress w/o the privacy portion. Furthermore,
I believe portions of the wire protocol are meaningless w/o the privacy
portion.

And, given that there were privacy concerns to begin with which motivated
the privacy related restrictions, I think we would need concensus
from everyone who feels strongly about the privacy restrictions that
the wire protocol can go forward w/o the privacy specifications.
Otherwise, there is no point in splitting the document because it doesn't
address the composite issues which motivated the specification in the
first place.

Dave Morris

On Fri, 10 Oct 1997, Dave Kristol wrote:

> Things have been very quiet on the cookie front.  I have been busy with
> other projects, but I am now able to return to the fray.
> 
> At issue is how to make progress on a successor to RFC 2109.  One
> proposal is to split draft-ietf-http-state-man-mec-03 into two pieces:
> 
> 1) a description of the wire protocol; and
> 2) a description of the privacy considerations of cookies.
> 
> The second document would comprise approximately these sections of
> state-man-mec-03:
> 	- 4.3.5 Sending Cookies in Unverifiable Transactions
> 	- 7 Privacy
> 
> The groundrules would be that each of the two documents could/should be
> discussed separately, but that the IESG would not allow either to
> become an RFC until agreement had been reached on both.
> 
> I'm soliciting discussion of this approach before I invest the time
> to split the document in two.  What do you think of this approach?
> 
> Dave Kristol
> 
> 

Received on Friday, 10 October 1997 15:23:01 UTC