W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: agenda/charter brainstorming

From: Yoav Nir <ynir.ietf@gmail.com>
Date: Tue, 24 Jun 2014 22:32:41 +0300
Cc: "Julian F. Reschke" <julian.reschke@gmx.de>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <E7346C67-7627-4CA9-8C48-9A26B5BFC49C@gmail.com>
To: Mark Nottingham <mnot@mnot.net>

On Jun 24, 2014, at 8:42 AM, Mark Nottingham <mnot@mnot.net> wrote:

> Hi Julian,
> 
> On 23 Jun 2014, at 6:43 pm, Julian Reschke <julian.reschke@gmx.de> wrote:
> 
>> 
>> 4) Session handling (or "avoiding cookies")
>> 
>> ...in case we find people, energy, and implementer interest.
> 
> That sounds very speculative. Draft?

http://tools.ietf.org/html/draft-williams-websec-session-continue-prob-00
http://tools.ietf.org/html/draft-williams-websec-session-continue-proto-00
http://tools.ietf.org/html/draft-abarth-cake-01
http://tools.ietf.org/html/draft-hallambaker-httpsession-02
http://tools.ietf.org/html/draft-hallambaker-httpintegrity-02
http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05


I could probably dig up a few more if I put my mind to it.

So people is easy, energy we might be able to find. Implementer interest?  Iím not sure itís there.

Interesting reads on the subject: http://www.vsecurity.com/download/papers/WeaningTheWebOffOfSessionCookies.pdf

Yoav
Received on Tuesday, 24 June 2014 19:33:16 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:31 UTC