I-D Action: draft-ietf-httpbis-cookie-alone-01.txt from internet-drafts@ietf.org on 2016-09-05 (ietf-http-wg@w3.org from July to September 2016)

From: <internet-drafts@ietf.org>
Date: Mon, 05 Sep 2016 01:11:05 -0700
To: <i-d-announce@ietf.org>
Cc: ietf-http-wg@w3.org
Message-ID: <147306306545.3057.14549300855211996670.idtracker@ietfa.amsl.com>

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Hypertext Transfer Protocol of the IETF.

        Title           : Deprecate modification of 'secure' cookies from non-secure origins
        Author          : Mike West
 Filename        : draft-ietf-httpbis-cookie-alone-01.txt
 Pages           : 6
 Date            : 2016-09-05

Abstract:
   This document updates RFC6265 by removing the ability for a non-
   secure origin to set cookies with a 'secure' flag, and to overwrite
   cookies whose 'secure' flag is set.  This deprecation improves the
   isolation between HTTP and HTTPS origins, and reduces the risk of
   malicious interference.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-httpbis-cookie-alone/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone-01

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-httpbis-cookie-alone-01


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Received on Monday, 5 September 2016 08:11:34 UTC