On Tue, Dec 3, 2024 at 1:30 AM Daniel Stenberg <daniel@haxx.se> wrote: > On Tue, 3 Dec 2024, Greg Wilkins wrote: > > > make sure that the next RFC attempts to solve those issues so that the > > browsers can simply adopt the RFC rather than their own specification. > > I don't think they have or use any other cookie RFC. > Yeah, the WHATWG Fetch spec just cites RFC 6265. Possibly that should be a live pointer to 6265bis, as clearly from this thread we (and I mean all of us here) haven't quite figured out the right way to define cookies yet. Regardless, I think which spec is where is mostly a distraction. When something is ill-defined, fixing the ill-definedness necessarily involves a feedback loop between spec and implementation, with changes on both sides, until we figure out where to converge. Different communities manage that feedback loop differently. The mishmash of specs you see is a symptom of all this work not being done. If we had infinite energy, could resolve problems at infinite speed, and had infinite bandwidth for coordination, the compatibility needs of the HTTP ecosystem (web and non-web) would be perfectly uniform, the IETF general-HTTP-level specifications would perfectly match those needs, and the web stuff could cleanly layer on top of it, without having to override any of it. We do not live in that world, so here we are. But I think focusing on the symptom of our limitations doesn't help us move forward. How to move forward is to do the work to converge things. David
Received on Tuesday, 3 December 2024 17:33:12 UTC