Re: Deb Cooley's No Objection on draft-ietf-httpbis-rfc6265bis-19: (with COMMENT)

Thanks for the consideration.

Deb

On Wed, Oct 1, 2025 at 2:17 PM Steven Bingler <bingler@chromium.org> wrote:

> Hi Deb,
>
> Thank you for your review and my apologies for the delay, I had to
> take a hiatus.
>
> > Section 5:  (Recognizing that this is from the original RFC) The nested
> > numbered lists are difficult to parse.  For example Section 5.7, #6 has
> 3 sets
> > of sub numbered lists that appear to be distinct.  If these sub numbered
> lists
> > are necessary (and when there is merely a #1 without a #2, one might
> argue it
> > isn't 'necessary') then perhaps characters other than numbers might be
> clearer.
>
> We went back and forth for a bit on different styles but ultimately
> settled on keeping the existing bullets.
>
> > Section 8:  I agree with Valery that this section picks and chooses some
> > example issues ('more salient issues').  I wonder if it isn't possible
> to give
> > a 1-2 sentence overview of the general security issues associated with
> cookies.
> > Something to set the stage, where what follows are examples of issues
> that
> > have been seen over time (with or without mitigations).  Sadly, I do not
> have
> > proposed text, and indeed, it may not be possible/feasible.
>
> We weren't able to come up with anything better. Perhaps we could work
> in some concrete suggestions but without any we'll be keeping the
> existing text.
>
> > Section 10.1:  Most (all?) of the WHATWG documents can be referenced as a
> > snapshot to make them immutable.  There might be other ways to do this,
> but
> > this is the one I've seen used.
>
> Other RFCs, such as rfc9163 and rfc9205, have the referenced anchors
> be made permanent within the WHATWG document.
> https://whatwg.org/working-mode#anchors
>
> I've done the same for ours which will keep the links valid.
>
> Thanks,
> - Steven
>
>