Re: HttpOnly from Jim Manico on 2008-03-18 (ietf-http-wg@w3.org from January to March 2008)

From: Jim Manico <jim.manico@aspectsecurity.com>
Date: Tue, 18 Mar 2008 19:55:44 +0000
To: <ietf-http-wg@w3.org>
Message-ID: <B9A412898630124ABE8350F4EBD32E8496D7E9@mymail.aspectsecurity.com>

> 1 - Cookies aren't included in RFC2616 at all.

> 2 - Hardly any implemenations of cookies follow any recent attempts to

>     document how cookies should be handled so I doubt writing yet
another

>     cookie spec update will help much.

Daniel, 

 

What about http://www.ietf.org/rfc/rfc2965 ?

 

 

 

 

 

Jim Manico, Senior Application Security Engineer

jim.manico@aspectsecurity.com <mailto:john.pavone@aspectsecurity.com> 

(301) 604-4882 (work) 

(808) 652-3805 (cell) 

 

Aspect Security(tm)

Securing your applications at the source
<http://aspectsecurity.com/about.html>  

http://www.aspectsecurity.com <http://www.aspectsecurity.com>

Received on Wednesday, 19 March 2008 08:28:47 UTC