W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: agenda/charter brainstorming

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Thu, 26 Jun 2014 00:48:17 +1200
Message-ID: <53AAC511.1040304@treenet.co.nz>
To: ietf-http-wg@w3.org
On 25/06/2014 7:32 a.m., Yoav Nir wrote:
> 
> On Jun 24, 2014, at 8:42 AM, Mark Nottingham wrote:
> 
>> Hi Julian,
>>
>> On 23 Jun 2014, at 6:43 pm, Julian Reschke wrote:
>>
>>>
>>> 4) Session handling (or "avoiding cookies")
>>>
>>> ...in case we find people, energy, and implementer interest.
>>
>> That sounds very speculative. Draft?
> 
> http://tools.ietf.org/html/draft-williams-websec-session-continue-prob-00
> http://tools.ietf.org/html/draft-williams-websec-session-continue-proto-00
> http://tools.ietf.org/html/draft-abarth-cake-01
> http://tools.ietf.org/html/draft-hallambaker-httpsession-02
> http://tools.ietf.org/html/draft-hallambaker-httpintegrity-02
> http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05
> 
> 
> I could probably dig up a few more if I put my mind to it.
> 
> So people is easy, energy we might be able to find. Implementer interest?  Iím not sure itís there.

Some here from Squid. I have been watching Hallam's work with some
interest, will be needing proxy support but otherwise there is a lot of
promise there.

> 
> Interesting reads on the subject: http://www.vsecurity.com/download/papers/WeaningTheWebOffOfSessionCookies.pdf

A must read for all web developers IMHO. Thanks for the reminder.

Amos
Received on Wednesday, 25 June 2014 12:48:52 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:31 UTC