- From: The IESG <iesg-secretary@ietf.org>
- Date: Tue, 02 Dec 2025 09:34:02 -0800
- To: "IETF-Announce" <ietf-announce@ietf.org>
- Cc: The IESG <iesg@ietf.org>, draft-ietf-httpbis-rfc6265bis@ietf.org, httpbis-chairs@ietf.org, ietf-http-wg@w3.org, mbishop@evequefou.be, mnot@mnot.net, rfc-editor@rfc-editor.org
The IESG has approved the following document: - 'Cookies: HTTP State Management Mechanism' (draft-ietf-httpbis-rfc6265bis-22.txt) as Proposed Standard This document is the product of the HTTP Working Group. The IESG contact persons are Gorry Fairhurst and Mike Bishop. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-httpbis-rfc6265bis/ Technical Summary This document defines the HTTP Cookie and Set-Cookie header fields. These header fields can be used by HTTP servers to store state (called cookies) at HTTP user agents, letting the servers maintain a stateful session over the mostly stateless HTTP protocol. Although cookies have many historical infelicities that degrade their security and privacy, the Cookie and Set-Cookie header fields are widely used on the Internet. This document obsoletes RFC 6265. Working Group Summary The working group (WG) consensus represent broad agreement: we had broad participation, especially from implementers. There was no controversy about particular points or decisions where the consensus was particularly rough. We used a process where major changes required a separate draft to be adopted and achieve consensus before we incorporated them. Document Quality There are a few existing implementation of the specification. There has been participation from members of the WHATWG, which is the most relevant body. Personnel The Document Shepherd for this document is Mark Nottingham. The Responsible Area Director is Francesca Palombini.
Received on Tuesday, 2 December 2025 17:35:17 UTC